Static task
static1
Behavioral task
behavioral1
Sample
e949177f4407346c17c59a2fc71c21102888ed58ecdc0e99055a82748eb42a12.exe
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
e949177f4407346c17c59a2fc71c21102888ed58ecdc0e99055a82748eb42a12.exe
Resource
win10v2004-20220812-en
General
Target: e949177f4407346c17c59a2fc71c21102888ed58ecdc0e99055a82748eb42a12
Size: 769KB
MD5: 9b18f21caab92d6f298ebfa7a9c8d466
SHA1: dced0a8cbfbba8d264f09002b2e010d8271dfbfa
SHA256: e949177f4407346c17c59a2fc71c21102888ed58ecdc0e99055a82748eb42a12
SHA512: 16ddcda07e3a8161f43473f77008eece41eba8c053b0381c5503f74ab5c11bd5435742ea792e9a6ccae93ff02110129b2b9d456f8f1e4f924cfe52ec3c1fa9be
SSDEEP: 12288:+g23Mu/EUKicMDsrW4l6xF8u5fvBQN17wHKC1UBpaSptMaqQNbcjpNJ+a0Gie:+gvu/UMI/68YfJQNhc+HcQN44
Malware Config
Signatures
Files
e949177f4407346c17c59a2fc71c21102888ed58ecdc0e99055a82748eb42a12.exe windows x86
c5554c63b5e4ea63f353447552c19f96
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
CreateMutexA
VirtualProtectEx
HeapFree
FindClose
DeleteFileA
SetStdHandle
ReleaseMutex
OpenEventW
CreateFileMappingW
Sleep
GetFileType
lstrlenA
ResetEvent
CreateFileA
GetCommandLineA
ReleaseSemaphore
GetModuleHandleA
RemoveDirectoryA
GetTickCount
RemoveDirectoryA
CreateDirectoryW
FindClose
WriteFile
GetDriveTypeA
WriteConsoleW
user32
CreateIcon
PeekMessageA
DrawTextW
IsZoomed
GetClassInfoA
IsWindow
DestroyMenu
FindWindowA
DestroyMenu
GetSysColor
MessageBoxA
GetWindowLongA
DispatchMessageA
eappprxy
EapHostPeerEndSession
EapHostPeerEndSession
EapHostPeerEndSession
EapHostPeerEndSession
Sections
.text Size: 3KB - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 1024B - Virtual size: 1.3MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 760KB - Virtual size: 760KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ