Static task: static1
Behavioral task: behavioral1
Sample: ba4d40df2f894a7e0d03a88c6b6f1f0fb55ee1bd434b5bfb7c8be08d8cd34948.exe
Resource: win7-20221111-en
Behavioral task: behavioral2
Sample: ba4d40df2f894a7e0d03a88c6b6f1f0fb55ee1bd434b5bfb7c8be08d8cd34948.exe
Resource: win10v2004-20220901-en
General
Target: ba4d40df2f894a7e0d03a88c6b6f1f0fb55ee1bd434b5bfb7c8be08d8cd34948
Size: 850KB
MD5: fe621a13f827f43381b5daa56aeaba67
SHA1: c212f1c658deb009597028dd56ec84bcb15182e4
SHA256: ba4d40df2f894a7e0d03a88c6b6f1f0fb55ee1bd434b5bfb7c8be08d8cd34948
SHA512: 7e97f2209c38c5ef6c923db0018f0e50a0cec950719455b775acf3ff5aff696d460297e1264c25a2fcc087c67b2f77dbb633d42b1fff6381314ee6063890e77e
SSDEEP: 24576:0hyKAK5eOTwVvpt9CQdFQAiiCjLcMQBiu:uye9T03BFtiiC3
Malware Config
Signatures
Files
ba4d40df2f894a7e0d03a88c6b6f1f0fb55ee1bd434b5bfb7c8be08d8cd34948.exe windows x86
a4cb6af3db0feca85ce1ef64a77ee6ef
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
AllocateUserPhysicalPages
GetConsoleFontSize
DeleteFiber
CompareStringA
FindNextVolumeW
GetEnvironmentStringsW
FreeEnvironmentStringsW
IsValidCodePage
TryEnterCriticalSection
GetConsoleMode
BaseCleanupAppcompatCacheSupport
lstrcpynW
DeleteFileA
UnlockFile
RegisterWowBaseHandlers
FindNextFileA
PeekNamedPipe
FormatMessageA
CreateDirectoryExW
LoadLibraryA
CreateMutexA
GetTickCount
Process32NextW
GlobalHandle
GetDateFormatW
EnumerateLocalComputerNamesW
VirtualAlloc
RequestWakeupLatency
GetProcessVersion
InitializeCriticalSectionAndSpinCount
GetStringTypeExW
LZOpenFileW
RtlCaptureStackBackTrace
CmdBatNotification
UnlockFileEx
WriteConsoleInputA
GetConsoleAliasesLengthA
SetThreadIdealProcessor
LZCopy
GetCurrentProcess
Process32FirstW
userenv
RsopFileAccessCheck
ExpandEnvironmentStringsForUserA
GetAllUsersProfileDirectoryW
CreateEnvironmentBlock
LeaveCriticalPolicySection
DeleteProfileW
GetPreviousFgPolicyRefreshInfo
UnloadUserProfile
ForceSyncFgPolicy
RegisterGPNotification
GetUserProfileDirectoryW
GetGPOListA
UnregisterGPNotification
GetNextFgPolicyRefreshInfo
ProcessGroupPolicyCompletedEx
GetUserProfileDirectoryA
FreeGPOListA
WaitForMachinePolicyForegroundProcessing
FreeGPOListW
user32
MapVirtualKeyExW
CreateIconIndirect
DrawStateA
SetMenuItemInfoW
DeferWindowPos
UnloadKeyboardLayout
OpenDesktopA
UnhookWindowsHook
GetCursorFrameInfo
ShowWindowAsync
ChangeMenuA
BuildReasonArray
TranslateMessage
GetTitleBarInfo
EmptyClipboard
Sections
.text Size: 735KB - Virtual size: 734KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 107KB - Virtual size: 107KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 3KB - Virtual size: 1.4MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ