Static task
static1
Behavioral task
behavioral1
Sample
93801f1d3aae71171265c300ee72067010525270b7ee4c7be1b28d533e745792.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
93801f1d3aae71171265c300ee72067010525270b7ee4c7be1b28d533e745792.exe
Resource
win10v2004-20220901-en
General
Target: 93801f1d3aae71171265c300ee72067010525270b7ee4c7be1b28d533e745792
Size: 208KB
MD5: 11c6eeebfcd8a07f44dc86f29ef43ea0
SHA1: 1d1544760f339334ea5af41229d8ec02e93a7bf4
SHA256: 93801f1d3aae71171265c300ee72067010525270b7ee4c7be1b28d533e745792
SHA512: 2f87aafb27c2276d0eee28f569fadfe23e0912d0125d95ed0cea103c2e4430f0164be86f0474608324d91f7bd24e0e6dddca14b1a23c525ce51547a2cc76e637
SSDEEP: 1536:acgm/nEfo6ht3QHuKX5olqUquu3XT9C9mhFhxvfxEFFlYyDguf9oLqpT:F/EA6rAHBr9uu3q6FDvZEHlYq99og
Malware Config
Signatures
Files
93801f1d3aae71171265c300ee72067010525270b7ee4c7be1b28d533e745792.exe windows x86
368174398ef0ada8a3b39961eccd60d6
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetSystemDirectoryA
GetTickCount
GlobalUnlock
GlobalLock
GlobalAlloc
lstrlenA
CreateProcessA
DeleteFileA
GetCurrentDirectoryA
Sleep
GetSystemTime
CloseHandle
GetLastError
CreateMutexA
GetModuleFileNameA
GetModuleHandleA
GetVolumeInformationA
WriteFile
FindFirstFileA
SetFileAttributesA
GetDriveTypeA
CopyFileW
GetFileAttributesA
SetFileAttributesW
GetFileAttributesW
FindNextFileW
DeleteFileW
FindFirstFileW
CreateThread
GetOEMCP
GetACP
GetCPInfo
GetStringTypeW
GetStringTypeA
IsBadCodePtr
SetUnhandledExceptionFilter
CopyFileA
CreateFileA
FindNextFileA
FlushFileBuffers
SetStdHandle
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetStartupInfoA
GetFileType
SetEndOfFile
SetHandleCount
SetFilePointer
VirtualAlloc
VirtualFree
RtlUnwind
IsBadWritePtr
IsBadReadPtr
HeapValidate
MultiByteToWideChar
ExitProcess
TerminateProcess
GetCurrentProcess
GetCommandLineA
GetVersion
DebugBreak
GetStdHandle
InterlockedDecrement
OutputDebugStringA
GetProcAddress
LoadLibraryA
InterlockedIncrement
ReadFile
SetConsoleCtrlHandler
WideCharToMultiByte
LCMapStringA
LCMapStringW
HeapAlloc
HeapReAlloc
HeapFree
HeapDestroy
HeapCreate
user32
EmptyClipboard
FindWindowA
CloseClipboard
SendMessageA
OpenClipboard
SetClipboardData
advapi32
RegSetValueExA
RegCreateKeyExA
shell32
ShellExecuteA
SHGetSpecialFolderPathW
ws2_32
closesocket
send
connect
htons
gethostbyname
socket
WSAStartup
recv
urlmon
URLDownloadToFileA
Sections
.text Size: 176KB - Virtual size: 173KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 8KB - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 8KB - Virtual size: 14KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 8KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ