Static task: static1
Behavioral task: behavioral1
Sample: 1c738f5056432e202623bf1e1a3df5ec812a797331e3b2991ea11480e5fa80d8.exe
Resource: win7-20221111-en
Behavioral task: behavioral2
Sample: 1c738f5056432e202623bf1e1a3df5ec812a797331e3b2991ea11480e5fa80d8.exe
Resource: win10v2004-20221111-en
General
Target: 1c738f5056432e202623bf1e1a3df5ec812a797331e3b2991ea11480e5fa80d8
Size: 888KB
MD5: 683e95ba4871eaef37d5cefc515ba6f5
SHA1: 8ba0de06dbf4b75db8a00f5dfe52556598827119
SHA256: 1c738f5056432e202623bf1e1a3df5ec812a797331e3b2991ea11480e5fa80d8
SHA512: edebef9ca7b740df349f7d482af568b31a2a5666193a100ba848ce7884bf5e00842552776eb2456f2c297029160fd0a315cce6c667c9aa55efa60880327f787d
SSDEEP: 24576:iOZTrtkkGG+hFd9Z07e9AreU9GlMGxuVbfPH4VeZU8KN//:iiPEzh9ZOKU9/GEAVAUz/
Files
1c738f5056432e202623bf1e1a3df5ec812a797331e3b2991ea11480e5fa80d8.exe windows x86
1c677af017b3b19a1488f70e70419c37
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
netapi32
NetLocalGroupGetInfo
NetUseDel
NetWkstaGetInfo
NetLocalGroupSetInfo
NetSessionDel
NetGroupSetInfo
NetGetJoinableOUs
NetMessageBufferSend
NetShareDel
NetLocalGroupGetMembers
DsGetDcNameWithAccountW
NetUserChangePassword
NetGroupGetUsers
advapi32
CheckTokenMembership
CreateRestrictedToken
GetSecurityDescriptorDacl
LsaOpenPolicy
AddAuditAccessAce
LsaNtStatusToWinError
SetTokenInformation
GetServiceDisplayNameA
RegCreateKeyExW
CryptEnumProvidersA
ImpersonateNamedPipeClient
RegEnumKeyW
RegSetValueW
RegSetValueExW
GetNamedSecurityInfoW
GetSecurityDescriptorGroup
AbortSystemShutdownW
RegFlushKey
AreAnyAccessesGranted
OpenSCManagerA
RegisterServiceCtrlHandlerW
LsaFreeMemory
comctl32
ImageList_Add
ImageList_Create
PropertySheetA
ImageList_GetIcon
ImageList_GetDragImage
ImageList_GetImageInfo
ImageList_DragLeave
ImageList_SetBkColor
CreateStatusWindowW
ImageList_DrawEx
DestroyPropertySheetPage
ImageList_Remove
ImageList_DragMove
ImageList_Draw
InitCommonControls
kernel32
GetDriveTypeA
ReadFile
GetQueuedCompletionStatus
FreeLibrary
GetSystemTimeAsFileTime
GetDiskFreeSpaceExW
SetConsoleOutputCP
FindCloseChangeNotification
OpenMutexA
InitializeCriticalSection
GlobalFree
GlobalReAlloc
FatalExit
VirtualAlloc
GetPrivateProfileStructW
SetConsoleKeyShortcuts
LoadResource
Sections
.text Size: 50KB - Virtual size: 50KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.DZbi Size: 664KB - Virtual size: 1.0MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 172KB - Virtual size: 171KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 1024B - Virtual size: 514B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ