Static task: static1
Behavioral task: behavioral1
  Sample: 7574b9aed8af30caf5034739b677f1b8390dedb0be38cb2eeb33e5f1ae128a04.exe
  Resource: win7-20221111-en
Behavioral task: behavioral2
  Sample: 7574b9aed8af30caf5034739b677f1b8390dedb0be38cb2eeb33e5f1ae128a04.exe
  Resource: win10v2004-20220812-en
General
Target: 7574b9aed8af30caf5034739b677f1b8390dedb0be38cb2eeb33e5f1ae128a04
Size: 242KB
MD5: 6bda53f89a6332fa0d6245b6197478b9
SHA1: 60aca542fa00c04803e9eb113b7101ca4234a7de
SHA256: 7574b9aed8af30caf5034739b677f1b8390dedb0be38cb2eeb33e5f1ae128a04
SHA512: 0eea0b392762cdce50417d48509721be20285839313a27d09abbac46b1f997337e95b5ca99a166eef026c92434c1763368685d298cd81a4f74e71657f54b30ea
SSDEEP: 6144:yiz5UFW1cFypOSC4pdfj474vTRP0/d3JMdeF5Ne:ynnApOSCkKm0FZMdz
Files
7574b9aed8af30caf5034739b677f1b8390dedb0be38cb2eeb33e5f1ae128a04.exe windows x86
62daabf329efabd98bede0a874901a62
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
ole32
ProgIDFromCLSID
WriteClassStg
OleRegGetMiscStatus
ws2_32
getsockname
gethostbyaddr
sendto
WSACancelAsyncRequest
WSARecv
select
WSAGetLastError
WSAEnumNameSpaceProvidersA
WSAAsyncGetProtoByNumber
getprotobyname
WSALookupServiceNextW
WSARecvFrom
WSALookupServiceEnd
htonl
inet_addr
WSAIsBlocking
WSACleanup
advapi32
RegUnLoadKeyA
CopySid
SetNamedSecurityInfoA
OpenSCManagerW
SetServiceStatus
RegRestoreKeyA
GetSidSubAuthorityCount
CloseServiceHandle
EnumServicesStatusW
GetSecurityDescriptorControl
CryptVerifySignatureW
RegEnumValueA
MakeSelfRelativeSD
CryptAcquireContextW
RegUnLoadKeyW
RegDeleteValueW
SetPrivateObjectSecurity
gdi32
LineDDA
GetNearestColor
SetPixelV
EndPath
GetCharWidthA
IntersectClipRect
Arc
EnumEnhMetaFile
ExtCreateRegion
StrokeAndFillPath
GetEnhMetaFilePaletteEntries
user32
DestroyAcceleratorTable
DispatchMessageA
RegisterClipboardFormatA
ExitWindowsEx
SetCaretPos
GetWindowContextHelpId
GetKeyboardState
DialogBoxIndirectParamA
ChildWindowFromPointEx
CreateDialogParamA
GetWindowDC
GetAncestor
wsprintfA
ReleaseDC
VkKeyScanW
SetForegroundWindow
GetClassLongA
keybd_event
DestroyMenu
ReleaseCapture
DefDlgProcA
CharLowerBuffA
MapVirtualKeyExW
OpenWindowStationA
IntersectRect
ChildWindowFromPoint
GetClassNameA
GetCursorPos
RegisterClassExA
CreatePopupMenu
GetDlgItemInt
DialogBoxParamA
GetKeyState
MessageBeep
CreateMDIWindowW
GetKeyboardLayout
oleaut32
SafeArrayGetElement
shell32
SHGetSpecialFolderPathA
SHGetSpecialFolderLocation
SHFileOperationW
SHChangeNotify
FindExecutableA
kernel32
ReleaseSemaphore
ReadConsoleA
GlobalAddAtomA
PurgeComm
SetLastError
lstrcatW
lstrcmpA
GetModuleHandleA
GetDiskFreeSpaceExA
GetCommState
ClearCommBreak
GetVolumeInformationW
SetCommTimeouts
MultiByteToWideChar
SetConsoleTitleA
EnumCalendarInfoA
GetSystemTimeAdjustment
LocalReAlloc
GetNumberFormatW
WaitNamedPipeA
_hread
SetConsoleWindowInfo
GetSystemInfo
ReadFileScatter
WriteConsoleOutputCharacterA
SetErrorMode
EndUpdateResourceA
SizeofResource
EnumTimeFormatsW
SetupComm
SetMailslotInfo
SetConsoleActiveScreenBuffer
GetSystemTime
EnumResourceLanguagesW
SetTimeZoneInformation
ExitProcess
SetVolumeLabelA
GetFileInformationByHandle
GetDriveTypeA
EraseTape
SetFileAttributesA
CreateNamedPipeW
PulseEvent
WritePrivateProfileStructA
SetEvent
FindResourceExA
GetWindowsDirectoryA
IsBadWritePtr
FreeLibraryAndExitThread
IsDBCSLeadByteEx
SetThreadPriorityBoost
GetProcessTimes
GetModuleFileNameW
SetConsoleOutputCP
OutputDebugStringA
WritePrivateProfileSectionW
RaiseException
SetHandleCount
LocalAlloc
GetCommModemStatus
CreatePipe
TlsGetValue
_lclose
CreateDirectoryW
GetShortPathNameW
SetSystemTime
VirtualAlloc
FindFirstFileExW
EnumResourceNamesA
CreateMutexA
FindCloseChangeNotification
VirtualQuery
GetCPInfo
lstrcpynA
SearchPathW
MoveFileExA
GetCommandLineW
DeleteFiber
IsBadReadPtr
UnhandledExceptionFilter
WriteConsoleOutputW
CompareStringA
CreateEventA
GetTapeParameters
QueryDosDeviceW
FindFirstFileW
CreateDirectoryExA
CreateWaitableTimerA
OpenFile
GetTapeStatus
GlobalReAlloc
GetOEMCP
CreateIoCompletionPort
DebugBreak
ScrollConsoleScreenBufferA
LocalLock
GetCurrentProcess
SetEnvironmentVariableA
FindResourceExW
ExpandEnvironmentStringsW
Beep
GetStringTypeExW
GetTempFileNameA
LCMapStringA
GetFileAttributesExA
FillConsoleOutputCharacterA
SetProcessAffinityMask
DuplicateHandle
GetStartupInfoA
FreeEnvironmentStringsA
CopyFileExW
RemoveDirectoryA
GetPrivateProfileSectionW
GetBinaryTypeW
version
VerFindFileA
VerQueryValueA
GetFileVersionInfoA
msvcrt
_initterm
fputws
setlocale
_mbsdec
_wfullpath
_isatty
_wremove
free
srand
fopen
_tempnam
_strlwr
wcscspn
_putws
_wpopen
_vsnprintf
_mbsnbicmp
__doserrno
strtod
_wstrtime
isalnum
fprintf
localeconv
_wcsdup
iswalpha
floor
strftime
_i64tow
_mbsstr
_access
fwprintf
setbuf
iswspace
_wcsrev
strncat
putchar
putc
_filelength
vsprintf
_wctime
isalpha
_wopen
_wsplitpath
_strrev
vfprintf
_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
fgetc
__getmainargs
_acmdln
exit
_XcptFilter
_exit
islower
Sections
cuqueii Size: 200KB - Virtual size: 199KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
gawma Size: 7KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
ecioiq Size: 10KB - Virtual size: 10KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
eqgwmi Size: 23KB - Virtual size: 23KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ