Static task: static1
Behavioral task: behavioral1
Sample: b7a21ae74a1ac9e6329b5f4a5f0caaf581edd1d13c4c2402bba257592dcc6975.exe
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: b7a21ae74a1ac9e6329b5f4a5f0caaf581edd1d13c4c2402bba257592dcc6975.exe
Resource: win10v2004-20220901-en
General
- Target: b7a21ae74a1ac9e6329b5f4a5f0caaf581edd1d13c4c2402bba257592dcc6975
- Size: 1.6MB
- MD5: df05e4fd78c5367a416febabd4105d80
- SHA1: 26184535a5987cf68e32e69cefa6aac7bad0e2f8
- SHA256: b7a21ae74a1ac9e6329b5f4a5f0caaf581edd1d13c4c2402bba257592dcc6975
- SHA512: 4ba567207ae44fb84bdc0bba799e6f4bc2ba74d0a04db09f8c1b82dbb1d1a9c51eba811f855805d2e9af5040284c103381c98699590df5d56f18c5b7047675f7
- SSDEEP: 24576:yIaadRZEB0ffQJ3O8VAkFblYnERk4ROrejF9IZPFjwFo7lxXs:XcB0ffQJe8/2Eq1fZ9wI2
Malware Config
Signatures
Files
-
b7a21ae74a1ac9e6329b5f4a5f0caaf581edd1d13c4c2402bba257592dcc6975.exe windows x86
394c49de28188f142481038fce77c0a4
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
wtsapi32
WTSEnumerateSessionsA
version
GetFileVersionInfoSizeA
VerQueryValueA
GetFileVersionInfoA
setupapi
SetupDiCallClassInstaller
SetupDiOpenDeviceInfoA
SetupDiGetDeviceInstallParamsA
mpr
WNetCancelConnection2A
WNetGetConnectionA
shlwapi
PathRemoveExtensionA
PathRemoveFileSpecW
SHDeleteKeyA
PathStripToRootA
PathIsUNCA
PathFindExtensionA
UrlUnescapeA
PathFindFileNameA
kernel32
SetFilePointer
LockFile
UnlockFile
SetEndOfFile
DuplicateHandle
GetVolumeInformationA
LocalFileTimeToFileTime
SystemTimeToFileTime
SetFileTime
GetFileSizeEx
TlsGetValue
GlobalReAlloc
GlobalHandle
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
InterlockedExchange
EnumResourceLanguagesA
ConvertDefaultLocale
GetCurrentThread
SetThreadPriority
SuspendThread
GetCurrentProcessId
GetModuleHandleW
GlobalFlags
GetCPInfo
GetOEMCP
GetAtomNameA
SetErrorMode
GetPrivateProfileIntA
LocalUnlock
ReadFile
RtlUnwind
RaiseException
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
VirtualProtect
VirtualAlloc
VirtualQuery
ExitProcess
GetSystemTimeAsFileTime
GetTimeFormatA
GetDateFormatA
HeapReAlloc
SetStdHandle
GetFileType
ExitThread
HeapSize
GetACP
IsValidCodePage
LCMapStringA
LCMapStringW
FatalAppExitA
VirtualFree
HeapCreate
HeapDestroy
GetStdHandle
GetStringTypeA
GetStringTypeW
SetConsoleCtrlHandler
InitializeCriticalSectionAndSpinCount
GetTimeZoneInformation
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetConsoleCP
GetConsoleMode
EnumSystemLocalesA
IsValidLocale
GetLocaleInfoW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CompareStringW
SetEnvironmentVariableA
GetThreadLocale
GetStringTypeExA
FileTimeToLocalFileTime
FileTimeToSystemTime
GlobalFindAtomA
CompareStringA
lstrcmpW
GetModuleFileNameW
GlobalSize
ExpandEnvironmentStringsA
PulseEvent
OpenEventA
ReleaseMutex
OpenMutexA
GetExitCodeThread
CreateThread
GetStartupInfoA
GetExitCodeProcess
CreateDirectoryA
lstrcatA
FlushFileBuffers
GetDiskFreeSpaceA
GlobalFree
HeapAlloc
lstrcmpiA
lstrcpyA
GetPrivateProfileSectionA
GetFileTime
CompareFileTime
WritePrivateProfileStringA
CreateToolhelp32Snapshot
Process32First
Process32Next
WaitForMultipleObjectsEx
MoveFileA
LocalAlloc
GetSystemDefaultLCID
GetUserDefaultLCID
QueryDosDeviceA
GetUserDefaultLangID
FormatMessageA
LocalFree
GetSystemInfo
GetVersionExA
InitializeCriticalSection
GetFileSize
DeleteCriticalSection
QueryPerformanceCounter
QueryPerformanceFrequency
WriteFile
OutputDebugStringA
CreateFileA
CopyFileA
WritePrivateProfileSectionA
GetCommandLineA
SetFileAttributesA
MoveFileExA
CreateMutexA
lstrlenW
InterlockedDecrement
GetProcessHeap
HeapFree
InterlockedIncrement
CreateProcessA
WaitForSingleObject
GlobalGetAtomNameA
ResumeThread
OpenProcess
TerminateProcess
GetLogicalDrives
GetDriveTypeA
FindResourceExA
Sleep
SetEvent
CreateEventA
ResetEvent
SetCurrentDirectoryA
GetProfileStringA
WriteProfileStringA
GlobalAlloc
FreeResource
GlobalLock
GlobalUnlock
MulDiv
GetModuleFileNameA
GlobalAddAtomA
GlobalDeleteAtom
GetCurrentThreadId
GetTickCount
DeleteFileA
GetTempFileNameA
lstrlenA
MultiByteToWideChar
LoadLibraryA
GetProcAddress
FreeLibrary
GetSystemDirectoryA
GetShortPathNameA
GetWindowsDirectoryA
GetEnvironmentVariableA
GetTempPathA
GetLocaleInfoA
GetCurrentDirectoryA
GetSystemDefaultLangID
GetLogicalDriveStringsA
RemoveDirectoryA
GetPrivateProfileStringA
FindFirstFileA
lstrcmpA
FindNextFileA
SetLastError
FindClose
GetFullPathNameA
GetFileAttributesA
WideCharToMultiByte
FindResourceA
LoadResource
LockResource
SizeofResource
GetCurrentProcess
CloseHandle
GetModuleHandleA
GetLastError
EnterCriticalSection
LeaveCriticalSection
LocalLock
user32
LockWindowUpdate
LoadAcceleratorsA
InsertMenuItemA
CreatePopupMenu
BringWindowToTop
TranslateAcceleratorA
RegisterClipboardFormatA
DestroyMenu
GetMenuItemInfoA
UnregisterClassA
GetDialogBaseUnits
GetSysColorBrush
ShowOwnedPopups
ValidateRect
GetCursorPos
SetWindowRgn
DrawIcon
CharNextA
MessageBeep
GetNextDlgGroupItem
SetWindowContextHelpId
MapDialogRect
SetCapture
InvalidateRgn
SetRect
IsRectEmpty
CopyAcceleratorTableA
CharUpperA
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
FillRect
MapVirtualKeyA
GetKeyNameTextA
ScrollWindowEx
ShowWindow
MoveWindow
IsDialogMessageA
IsDlgButtonChecked
SetDlgItemTextA
SetDlgItemInt
GetDlgItemTextA
GetDlgItemInt
CheckRadioButton
CheckDlgButton
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
ModifyMenuA
EnableMenuItem
CheckMenuItem
SendDlgItemMessageA
WinHelpA
IsChild
GetCapture
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
GetFocus
SetFocus
GetWindowTextLengthA
GetLastActivePopup
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
GetMessageTime
MapWindowPoints
ScrollWindow
TrackPopupMenuEx
TrackPopupMenu
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
ShowScrollBar
IsWindowVisible
CreateWindowExA
GetClassInfoExA
GetClassInfoA
GetDCEx
AdjustWindowRectEx
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
CopyRect
SetWindowPlacement
GetDlgCtrlID
CallWindowProcA
GetMenu
SetWindowPos
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetWindow
WindowFromPoint
UnionRect
SetParent
GetSystemMenu
UnhookWindowsHookEx
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
GetDlgItem
IsWindowEnabled
EndDialog
GetMenuState
GetMenuStringA
AppendMenuA
GetMenuItemID
InsertMenuA
GetMenuItemCount
GetSubMenu
RemoveMenu
MsgWaitForMultipleObjects
PostQuitMessage
SetWindowTextA
GetSystemMetrics
LoadStringA
MessageBoxExA
MessageBoxA
EnumWindows
EnumChildWindows
GetWindowTextA
GetWindowModuleFileNameA
GetMessagePos
KillTimer
SetTimer
ScreenToClient
DrawFocusRect
InflateRect
SetRectEmpty
PtInRect
DestroyCursor
LoadCursorA
CopyIcon
SetCursor
GetMessageA
PostThreadMessageA
WaitForInputIdle
IsWindow
RedrawWindow
GetForegroundWindow
GetWindowThreadProcessId
AttachThreadInput
SetForegroundWindow
GetDesktopWindow
InvalidateRect
UpdateWindow
IsIconic
LoadBitmapA
GetDC
SetWindowLongA
ReleaseDC
PeekMessageA
TranslateMessage
DispatchMessageA
PostMessageA
RegisterWindowMessageA
GetSysColor
GetWindowLongA
GetParent
GetNextDlgTabItem
GetClientRect
ReleaseCapture
GetKeyState
ExitWindowsEx
GetWindowRect
LoadIconA
SendMessageA
EnableWindow
DestroyIcon
GetTabbedTextExtentA
IsClipboardFormatAvailable
DeleteMenu
UnpackDDElParam
ReuseDDElParam
LoadMenuA
RegisterClassA
GetMenuBarInfo
DefWindowProcA
gdi32
GetObjectType
EnumMetaFile
PlayMetaFile
CreatePen
ExtCreatePen
CreateHatchBrush
GetRgnBox
GetBkColor
GetTextColor
CreateEllipticRgn
DPtoLP
LPtoDP
PlayMetaFileRecord
SetRectRgn
CombineRgn
GetMapMode
GetTextMetricsA
GetCharWidthA
StretchDIBits
StartDocA
StartPage
EndPage
CreatePatternBrush
AbortDoc
EndDoc
Ellipse
SelectPalette
GetPixel
GetWindowExtEx
GetViewportExtEx
SelectClipPath
CreateRectRgn
GetClipRgn
SelectClipRgn
DeleteObject
SetColorAdjustment
SetArcDirection
SetMapperFlags
SetTextCharacterExtra
SetTextJustification
SetTextAlign
MoveToEx
LineTo
OffsetClipRgn
IntersectClipRect
ExcludeClipRect
CreateDIBPatternBrushPt
DeleteDC
ExtSelectClipRgn
PolyBezierTo
PolylineTo
PolyDraw
ArcTo
GetCurrentPositionEx
ScaleWindowExtEx
SetWindowExtEx
OffsetWindowOrgEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
ExtTextOutA
TextOutA
RectVisible
CreateDCA
CopyMetaFileA
GetTextExtentPoint32A
CreateFontIndirectA
GetStockObject
StretchBlt
BitBlt
GetObjectA
CreateFontA
GetLayout
SetLayout
GetDeviceCaps
CreateCompatibleDC
CreateCompatibleBitmap
SetAbortProc
CreateSolidBrush
SetMapMode
ModifyWorldTransform
SetWorldTransform
SetGraphicsMode
SetStretchBltMode
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
PatBlt
CreateRectRgnIndirect
CreateBitmap
SetBkColor
SetTextColor
GetClipBox
GetDCOrgEx
PtVisible
comdlg32
GetFileTitleA
winspool.drv
EnumMonitorsA
AddMonitorA
EnumPrintersA
GetPrinterDriverA
StartDocPrinterA
StartPagePrinter
EndDocPrinter
EndPagePrinter
GetPrinterA
SetPrinterA
DeletePrinterDriverA
ClosePrinter
DeletePortA
GetPrinterDataA
EnumPortsA
EnumPrinterDriversA
DocumentPropertiesA
GetJobA
OpenPrinterA
DeleteMonitorA
GetPrinterDriverDirectoryA
DeletePrinter
advapi32
SetFileSecurityA
RegQueryValueA
IsTextUnicode
RegSetValueA
RegCloseKey
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
RegSetValueExA
GetTokenInformation
AllocateAndInitializeSid
EqualSid
LookupAccountSidA
FreeSid
StartServiceA
CreateProcessAsUserA
RegCreateKeyA
RegCreateKeyExA
RegOpenKeyA
RegDeleteKeyA
QueryServiceConfigA
QueryServiceStatus
ControlService
DeleteService
OpenSCManagerA
OpenServiceA
CloseServiceHandle
RegDeleteValueA
RegQueryInfoKeyA
RegEnumValueA
RegOpenKeyExA
RegEnumKeyA
RegQueryValueExA
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
GetFileSecurityA
oledlg
ord8
ole32
CoGetClassObject
OleUninitialize
CreateStreamOnHGlobal
CoUninitialize
CoCreateInstance
CoInitialize
CoTaskMemFree
SetConvertStg
WriteFmtUserTypeStg
WriteClassStg
OleRegGetUserType
ReadFmtUserTypeStg
ReadClassStg
StringFromCLSID
CoTreatAsClass
CreateBindCtx
ReleaseStgMedium
CoTaskMemAlloc
OleDuplicateData
OleRun
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CLSIDFromProgID
CLSIDFromString
StringFromGUID2
CoDisconnectObject
CoInitializeEx
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
OleSetClipboard
CoRevokeClassObject
CoRegisterClassObject
OleInitialize
CoFreeUnusedLibraries
oleaut32
LoadRegTypeLi
LoadTypeLi
RegisterTypeLi
OleCreateFontIndirect
VarBstrFromDate
VarCyFromStr
VarDecFromStr
VarBstrFromDec
VarBstrFromCy
VarDateFromStr
SysReAllocStringLen
SafeArrayDestroyDescriptor
SafeArrayDestroyData
SafeArrayUnlock
SafeArrayLock
SafeArrayPutElement
SafeArrayPtrOfIndex
SafeArrayCreateVector
SafeArrayCopy
SafeArrayAllocDescriptor
SafeArrayAllocData
SafeArrayRedim
SafeArrayCreate
SafeArrayGetDim
SafeArrayGetElemsize
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayAccessData
SafeArrayUnaccessData
SafeArrayDestroy
SystemTimeToVariantTime
VariantTimeToSystemTime
SysStringLen
VariantChangeType
VariantInit
VariantCopy
SafeArrayGetElement
SysFreeString
SysStringByteLen
SysAllocStringByteLen
OleLoadPicturePath
OleLoadPicture
SysAllocString
SysAllocStringLen
VariantClear
GetErrorInfo
SetErrorInfo
CreateErrorInfo
wininet
FtpCreateDirectoryA
InternetErrorDlg
FtpRenameFileA
FtpDeleteFileA
InternetQueryDataAvailable
InternetGetCookieA
HttpOpenRequestA
InternetOpenUrlA
GopherOpenFileA
InternetConnectA
FtpFindFirstFileA
GopherCreateLocatorA
FtpCommandA
FtpOpenFileA
GopherGetAttributeA
HttpSendRequestExA
HttpEndRequestA
HttpSendRequestA
InternetReadFile
InternetWriteFile
InternetSetFilePointer
InternetSetStatusCallback
InternetOpenA
InternetGetLastResponseInfoA
GopherFindFirstFileA
InternetCloseHandle
InternetFindNextFileA
HttpQueryInfoA
HttpAddRequestHeadersA
FtpRemoveDirectoryA
FtpGetFileA
FtpPutFileA
FtpGetCurrentDirectoryA
FtpSetCurrentDirectoryA
InternetSetCookieA
InternetSetOptionExA
InternetQueryOptionA
InternetCanonicalizeUrlA
InternetCrackUrlA
Sections
.text Size: 904KB - Virtual size: 903KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 268KB - Virtual size: 267KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 44KB - Virtual size: 125KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 424KB - Virtual size: 424KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE