Static task
static1
Behavioral task
behavioral1
Sample
ce8fdd03ebf2d44c57d16be35ac7f452a62830f3d83a606890cc3c58d3382964.exe
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
ce8fdd03ebf2d44c57d16be35ac7f452a62830f3d83a606890cc3c58d3382964.exe
Resource
win10v2004-20220812-en
General
Target
ce8fdd03ebf2d44c57d16be35ac7f452a62830f3d83a606890cc3c58d3382964
Size
55KB
MD5
dd7e6d3880015412aa447566936e104b
SHA1
466dd66a494f36b28d34e579864acda9cccf1e9d
SHA256
ce8fdd03ebf2d44c57d16be35ac7f452a62830f3d83a606890cc3c58d3382964
SHA512
c7fd38fac0332164c6f848656082e9cf713b8d655eac687084a0782bf8391f547d84e798ff1e7fd4f8de83eb9f143951b1a1bf40e488a43826896744d279edcc
SSDEEP
1536:s150K7Ci3Bi1C0QBcl1wBoeMahz0Q0WcMMMMMMMmMMMMKflt:60U5Bi1CxBcP5Cz0ljMMMMMMMmMMMMKf
Malware Config
Signatures
Files
ce8fdd03ebf2d44c57d16be35ac7f452a62830f3d83a606890cc3c58d3382964.exe windows x86
90048cbd5b405bac33c4f7121418ac5f
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
user32
CheckMenuItem
LoadIconA
OpenClipboard
GetCursorPos
MoveWindow
ReleaseDC
InflateRect
GetActiveWindow
PtInRect
TrackPopupMenu
LoadStringW
DefWindowProcW
GetMenuStringW
SendMessageW
SetWindowTextW
GetWindowLongW
GetWindowTextLengthA
DestroyMenu
DestroyIcon
AllowSetForegroundWindow
UnregisterClassA
GetMenu
RegisterClassW
SetCapture
SetWindowPos
SetActiveWindow
PostMessageW
GetClientRect
CreateWindowExW
GetSubMenu
kernel32
InitializeCriticalSection
GetEnvironmentStringsW
WaitForSingleObject
DeleteCriticalSection
QueryPerformanceCounter
GetVersionExA
InterlockedCompareExchange
FindClose
CloseHandle
TlsSetValue
SetFilePointerEx
WideCharToMultiByte
HeapReAlloc
EnterCriticalSection
FlushFileBuffers
GetStartupInfoW
GetFileType
FreeLibraryAndExitThread
WriteFile
GetCPInfo
GetModuleFileNameW
GetProcessHeap
WaitForSingleObjectEx
GetCurrentProcessId
GetLastError
GetModuleHandleW
VirtualAlloc
InterlockedDecrement
TryEnterCriticalSection
GetModuleHandleA
TlsGetValue
ReadFile
InterlockedIncrement
MultiByteToWideChar
LoadLibraryA
ExitProcess
GetACP
GetVersionExW
IsDebuggerPresent
LeaveCriticalSection
RaiseException
RegisterWaitForSingleObject
GetCommandLineA
TlsAlloc
GetCurrentThreadId
HeapAlloc
GetStdHandle
SetLastError
HeapFree
GetCurrentProcess
GetTickCount
InterlockedExchange
SetEvent
TerminateProcess
LocalFree
GetFileSizeEx
UnhandledExceptionFilter
CreateThread
GetFileSize
CreateFileA
CreateFileW
InitializeCriticalSectionAndSpinCount
SetFilePointer
SetUnhandledExceptionFilter
GetStartupInfoA
FreeLibrary
GetSystemTimeAsFileTime
Sleep
GetModuleFileNameA
gdi32
CreateSolidBrush
CreatePolygonRgn
CreateRectRgn
CreateFontIndirectW
CreateDCA
shlwapi
PathFindFileNameA
PathIsURLW
PathCanonicalizeW
PathRenameExtensionW
PathRemoveBlanksW
PathRemoveFileSpecA
PathAddBackslashA
SHCreateStreamOnFileW
SHGetValueW
PathCommonPrefixW
PathRemoveExtensionW
PathIsRelativeW
PathStripToRootW
SHDeleteKeyW
PathAddBackslashW
PathFindExtensionW
PathRemoveBackslashW
PathCombineW
PathFileExistsW
PathAppendW
PathFindFileNameW
SHSetValueW
PathStripPathW
PathRemoveFileSpecW
PathAppendA
AssocQueryStringW
PathFileExistsA
StrCmpW
StrStrIW
PathIsDirectoryW
StrCmpNIW
StrToIntW
StrStrW
StrCmpNW
StrStrIA
StrToIntExW
PathIsFileSpecW
PathRelativePathToW
SHDeleteValueW
PathIsRootW
StrCmpIW
PathFindExtensionA
setupapi
SetupUninstallOEMInfA
msvcrt
_onexit
__dllonexit
_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__wgetmainargs
_wcmdln
exit
_XcptFilter
_exit
strlen
Sections
.text Size: 9KB - Virtual size: 8KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 29KB - Virtual size: 112KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 11KB - Virtual size: 11KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ