Static task
static1
Behavioral task
behavioral1
Sample
422dc4d50a3012c98098b41cdbb271f4fedbcd51420cb74f59739e6cdfe7aff6.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
422dc4d50a3012c98098b41cdbb271f4fedbcd51420cb74f59739e6cdfe7aff6.exe
Resource
win10v2004-20221111-en
General
Target
422dc4d50a3012c98098b41cdbb271f4fedbcd51420cb74f59739e6cdfe7aff6
Size
304KB
MD5
dd5c09543d4706e7aa5751968093f1fb
SHA1
1662ac2487c6bd1f7760ac88f8879f74a0b1fca6
SHA256
422dc4d50a3012c98098b41cdbb271f4fedbcd51420cb74f59739e6cdfe7aff6
SHA512
e501aebd656ece0adc407af49a52141d93bf43eaf2ad6564e88cd72ea535e387b2abe371a24b7c03464dc8c72b11ba6c623ca47390f20ba3e46433a3baaa945c
SSDEEP
6144:6bwthxDyE9CG7o8pT+2ZiV1cysLw+1jyCABDWkygqz:bnDyICgzTy3cySw6j0BDVXq
Malware Config
Signatures
Files
422dc4d50a3012c98098b41cdbb271f4fedbcd51420cb74f59739e6cdfe7aff6.exe windows x86
9efe1983d2b6f6c4bd2072914231b33d
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetLongPathNameW
SetEnvironmentVariableW
FindResourceW
CreateDirectoryA
GetPrivateProfileIntW
GetExitCodeProcess
GetPrivateProfileSectionA
GetModuleHandleA
GetDiskFreeSpaceA
WaitForMultipleObjects
GetPrivateProfileIntW
Sleep
lstrcmpiA
lstrcmpA
GetFileAttributesA
LoadLibraryExW
InterlockedIncrement
GetDiskFreeSpaceA
SetFilePointer
Sleep
Sleep
InterlockedExchange
HeapCreate
catsrv
OpenComponentLibraryTS
GetCatalogCRMClerk
CreateComponentLibraryTS
DllCanUnloadNow
Sections
.text Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 3KB - Virtual size: 16KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 297KB - Virtual size: 297KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE