Static task
static1
Behavioral task
behavioral1
Sample
c879d76b9ac08c98319a802a7b8f4acf7f3d3055e893f94bb83787a83d0f23c5.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
c879d76b9ac08c98319a802a7b8f4acf7f3d3055e893f94bb83787a83d0f23c5.exe
Resource
win10v2004-20220812-en
General
Target
c879d76b9ac08c98319a802a7b8f4acf7f3d3055e893f94bb83787a83d0f23c5
Size
346KB
MD5
70ef95b31363c5df0d0ffc22582ab814
SHA1
981f70d8b26f7699ec59e27a5f6bdcf62fd7bb1b
SHA256
c879d76b9ac08c98319a802a7b8f4acf7f3d3055e893f94bb83787a83d0f23c5
SHA512
703db8249bb5627adbc4fb8e6952a66e9a5835570f0b896de0b709c179a5533e442c91eb9822030c6c0aba68841a9f68465dc90d9ff8e4563a005cce4b1bb9e1
SSDEEP
6144:5yYntzCdvYfgCZBN1LvXakhgcm2Az2TaVRqhA9I2PrIE+VbS8N/ywD:5yYntzCZkj1rXxm2Az2Gf9bDYVXbD
Malware Config
Signatures
Files
c879d76b9ac08c98319a802a7b8f4acf7f3d3055e893f94bb83787a83d0f23c5.exe windows x86
d571f8b03453226f3868e0b74e635c7f
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
SetStdHandle
WriteConsoleW
HeapSize
SetFilePointer
FlushFileBuffers
GetConsoleMode
GetConsoleCP
IsProcessorFeaturePresent
CreateFileW
GetStringTypeW
MultiByteToWideChar
LCMapStringW
HeapCreate
LoadLibraryW
RtlUnwind
LocalFree
CloseHandle
LocalAlloc
GetLastError
lstrcmpiA
HeapReAlloc
ExitThread
SetCommState
GetTickCount
HeapFree
Sleep
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetSystemTimeAsFileTime
GetCommState
GetCurrentProcess
HeapAlloc
CreateFileA
GetCommandLineA
HeapSetInformation
GetStartupInfoW
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
EncodePointer
TlsAlloc
TlsGetValue
TlsSetValue
DecodePointer
TlsFree
InterlockedIncrement
GetModuleHandleW
SetLastError
GetCurrentThreadId
InterlockedDecrement
GetProcAddress
EnterCriticalSection
LeaveCriticalSection
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameW
GetModuleFileNameA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetFileType
DeleteCriticalSection
QueryPerformanceCounter
GetCurrentProcessId
user32
SetDlgItemTextA
GetClassNameA
IsIconic
GetParent
GetClientRect
GetMenu
GetDlgItem
EndDialog
DefWindowProcA
LoadAcceleratorsA
ShowWindow
GetActiveWindow
SendMessageW
GetDlgItemTextA
shell32
SHGetFolderLocation
ord155
SHGetFileInfoA
ole32
CoTaskMemFree
CoCreateInstance
comctl32
ord17
activeds
ord15
ord14
Sections
.text Size: 254KB - Virtual size: 253KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 75KB - Virtual size: 74KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 22KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 11KB - Virtual size: 11KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ