Static task: static1
Behavioral task: behavioral1 (Sample: 155079853fb7064037c5c5e7fe424487dbfbe50523d81944c1dee66098b67885.exe, Resource: win7-20220901-en)
Behavioral task: behavioral2 (Sample: 155079853fb7064037c5c5e7fe424487dbfbe50523d81944c1dee66098b67885.exe, Resource: win10v2004-20220812-en)
General
Target: 155079853fb7064037c5c5e7fe424487dbfbe50523d81944c1dee66098b67885
Size: 312KB
MD5: 6709aa634025a5f612c1146dba8412eb
SHA1: a467010a1fa5b72931b5c6f7eba831f3669b834f
SHA256: 155079853fb7064037c5c5e7fe424487dbfbe50523d81944c1dee66098b67885
SHA512: 1edd6dadcf6fcce7480931f2bf3864c79aa1e5c34c924d6d6c603697cc4276d20ea1684c095281cdf35a3124bd655220c80c2d917ed52d56dac62917789e5ebb
SSDEEP: 6144:j4p2ED6NnG8dFwyinoUnrbyzvhNVirkTNM+T06aKM4lhX+:MHynpw1XPy1niQTNM+TtDh
Malware Config
Signatures
Files
155079853fb7064037c5c5e7fe424487dbfbe50523d81944c1dee66098b67885.exe (windows x86): 3862b8eb81ad8e327895a0f5a0d95c07
Headers
File Characteristics: IMAGE_FILE_EXECUTABLE_IMAGE, IMAGE_FILE_LINE_NUMS_STRIPPED, IMAGE_FILE_LOCAL_SYMS_STRIPPED, IMAGE_FILE_32BIT_MACHINE
Imports
userenv: UnloadUserProfile
shell32: SHGetMalloc, ShellExecuteExW, SHGetDesktopFolder, SHGetSpecialFolderLocation
kernel32: HeapSize, GetCommandLineW, HeapDestroy, CreateEventW, GlobalFree, GetProcessHeap, GetSystemTimeAsFileTime, LoadLibraryExW, RaiseException, MulDiv, GetDateFormatW, SetLastError, LocalAlloc, FindResourceW, VirtualFree, DeleteCriticalSection, SetWaitableTimer, FlushInstructionCache, lstrcpyW, UnhandledExceptionFilter, LockResource, FatalAppExitW, OpenEventW, GlobalAlloc, LocalFree, GetThreadLocale, SetUnhandledExceptionFilter, CreateThread, TerminateThread, HeapFree, FindNextFileW, FormatMessageW, EnterCriticalSection, GetModuleHandleW, WaitForSingleObject, CloseHandle, GetTimeFormatW, ResumeThread, WideCharToMultiByte, WaitForMultipleObjects, GetUserDefaultLangID, HeapAlloc, lstrlenW, GetCurrentThreadId, IsProcessorFeaturePresent, CreateWaitableTimerW, ExpandEnvironmentStringsA, LeaveCriticalSection, FreeLibrary, FindClose, lstrcpynW, SizeofResource, GlobalLock, GlobalUnlock, VirtualAlloc, GetNumberFormatW, GetUserDefaultLCID, lstrcmpiW, GetACP, GetDriveTypeW, lstrlenA, HeapReAlloc, FindFirstFileW, FindResourceExW, IsDebuggerPresent, lstrcmpW, LoadResource, DeleteFileW
ole32: CLSIDFromString, CreateStreamOnHGlobal, CoRegisterClassObject, CoCreateInstance, CLSIDFromProgID, OleRun, CoUninitialize, CoResumeClassObjects, StringFromGUID2, CoInitializeSecurity, CoInitialize, CoRevokeClassObject
gdi32: RoundRect, DeleteObject, ExtTextOutW, SetViewportOrgEx, GetClipRgn, CreatePen, PtInRegion, SetTextColor, SetBkColor, GetObjectW, CreateSolidBrush, CreateRectRgn, GetTextExtentPoint32W, SetROP2, CreateCompatibleBitmap, GetTextMetricsW, SelectClipRgn, GetTextExtentExPointW, BitBlt, GetObjectType, GetBkColor, GetDeviceCaps, SetTextAlign, CreateCompatibleDC, CreateRectRgnIndirect, ExtCreatePen, CreateFontIndirectW, DeleteDC, CombineRgn, GetStockObject, TextOutW, Polygon, SelectObject, SetBkMode
msimg32: TransparentBlt, AlphaBlend, GradientFill
user32: OpenClipboard, PtInRect, GetDC, FlashWindow, DrawTextW, GetNextDlgTabItem, ExitWindowsEx, SetForegroundWindow, CopyRect, SetMenuDefaultItem, MapWindowPoints, GetClassInfoW, DrawStateW, GetWindowLongW, MessageBoxW, ReleaseDC, InvalidateRect, GetClientRect, CharNextW, GetDesktopWindow, GetWindowTextLengthW, UnhookWindowsHookEx, UnregisterClassA, GetFocus, SetWindowLongW, GetWindowPlacement, SetCursor, LoadImageW, SetWindowPlacement, GetParent, IsRectEmpty, GetActiveWindow, SetWindowsHookExW, GetKeyState, SetDlgItemTextW, FindWindowExW, CreateDialogParamW, CharUpperBuffW, SystemParametersInfoW, CreateWindowExW, DrawFocusRect, PostQuitMessage, PostMessageW, SetClipboardData, GetMessageW, GetWindowTextW, UpdateWindow, ReleaseCapture, GetSysColor, TabbedTextOutW, MoveWindow, InflateRect, GetWindowDC, IsWindow, GetTopWindow, CallNextHookEx, GetForegroundWindow, IsIconic, GetDlgItem, OffsetRect, EndDialog, GetDlgCtrlID, GetClassNameW, GetWindowThreadProcessId, SetParent, LoadBitmapW, GetGUIThreadInfo, AttachThreadInput, IsWindowVisible, CloseClipboard, SendInput, DestroyWindow, GetSystemMenu, SetWindowTextW, IsWindowEnabled, DefWindowProcW, RegisterClassW, TranslateMessage, GetWindowRect, GetSystemMetrics, DispatchMessageW, DialogBoxParamW, MapDialogRect, PostThreadMessageW, SendMessageW, PeekMessageW, GetClassInfoExW, RegisterClassExW, RedrawWindow, EnableWindow, DrawIconEx, KillTimer, SetRectEmpty, GetCursorPos, CallWindowProcW, SetWindowPos, SetFocus, DestroyIcon, GetCapture, SetCapture, AppendMenuW, RegisterWindowMessageW, EmptyClipboard, GetTabbedTextExtentW, GetWindow, BeginPaint, EndPaint, IsCharAlphaNumericW, SetTimer, ShowWindow, IsDialogMessageW, ScreenToClient, LoadCursorW
shlwapi: PathRemoveFileSpecW, StrRetToStrW, PathAddExtensionW, ColorAdjustLuma, PathSetDlgItemPathW, PathCompactPathExW, PathAppendW, StrChrW
advapi32: RegQueryValueExW, RegOpenKeyExW, RegSetValueExW, RegOpenKeyExA, LookupPrivilegeValueW, RegQueryValueExA, AdjustTokenPrivileges, RegCreateKeyExW, OpenProcessToken, RegCloseKey, RegNotifyChangeKeyValue
comctl32: ImageList_GetImageCount, ImageList_Draw, _TrackMouseEvent, ImageList_Create, InitCommonControlsEx, ImageList_Destroy, ImageList_GetIcon, ImageList_ReplaceIcon, ImageList_AddMasked
oleaut32: LoadTypeLi, VariantTimeToSystemTime, SafeArrayLock, SafeArrayCopy, SafeArrayUnlock, VarBstrCmp, SafeArrayRedim, SafeArrayCreate, SysAllocStringLen, SafeArrayUnaccessData, VariantInit, SysAllocString, SysStringByteLen, SysStringLen, SysFreeString, SafeArrayGetVartype, VariantCopyInd, SystemTimeToVariantTime, VariantClear, SafeArrayAccessData, DispCallFunc, LoadRegTypeLi, SafeArrayDestroy, SafeArrayGetUBound, GetErrorInfo, SafeArrayGetLBound, SysAllocStringByteLen, SafeArrayGetDim
iphlpapi: GetTcpTable, GetUdpTable, InternalSetTcpEntry, InternalGetIpNetTable, DeleteIPAddress, InternalGetIpForwardTable, GetAdaptersAddresses, IcmpCloseHandle, do_echo_req, InternalDeleteIpNetEntry, GetTcpStatistics, GetUdpStatisticsEx, FlushIpNetTable, GetIpNetTable
msctf: TF_CreateLangBarMgr, DllRegisterServer
Sections
.text: Size: 20KB - Virtual size: 19KB; IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.rdata: Size: 8KB - Virtual size: 7KB; IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.data: Size: 282KB - Virtual size: 1.2MB; IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rsrc: Size: 512B - Virtual size: 4KB; IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ