Static task
static1
Behavioral task
behavioral1
Sample
b960925e25825dfeb84a17f38fe323b977ec18c102934e599f31c7ae452ac8b4.exe
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
b960925e25825dfeb84a17f38fe323b977ec18c102934e599f31c7ae452ac8b4.exe
Resource
win10v2004-20220901-en
General
-
Target
b960925e25825dfeb84a17f38fe323b977ec18c102934e599f31c7ae452ac8b4
-
Size
758KB
-
MD5
a7226c8a701f698f44a7ca8052f08b0f
-
SHA1
858892895f3411a499d3064942ee50efd7c5122c
-
SHA256
b960925e25825dfeb84a17f38fe323b977ec18c102934e599f31c7ae452ac8b4
-
SHA512
3aca3c84e9198d781e3c7bf379c83445ce59c54c498e3852935de92f999cfd53fb6ef956bd368272b01ffe212f76d5657e7cd7021f5acc06f35be9a5fd1de43f
-
SSDEEP
12288:Z2/NcXgTxYChjKrhGv/DYbdjoFTT5ToPSlvexl/flAF9zLl:U/KXiFh2rhM/Eb18T5sSJKl/mF9Ll
Malware Config
Signatures
Files
-
b960925e25825dfeb84a17f38fe323b977ec18c102934e599f31c7ae452ac8b4.exe windows x86
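3b6cef7a3763f719845dc6b51f870f9e (unlabelled on the page; it differs from the file MD5 listed above and is presumably the PE import hash — confirm before using it as an indicator)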
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetCommandLineA
CloseHandle
GetModuleHandleA
GetEnvironmentVariableA
VirtualQuery
GetDriveTypeA
HeapDestroy
HeapCreate
CreateEventA
GetVolumePathNameA
SetLastError
GetConsoleTitleA
GetStartupInfoA
CancelIo
CloseHandle
GetTimeFormatA
TlsGetValue
GetFileAttributesA
lstrlenA
GetCommandLineA
advapi32
IsValidSid
InitializeSid
ClearEventLogW
RegCreateKeyExW
ControlService
RegEnumKeyA
RegQueryValueW
CreateProcessAsUserA
IsTextUnicode
CreateServiceW
IsValidSecurityDescriptor
RegDeleteValueA
IsValidAcl
resutils
ResUtilGetSzValue
ResUtilGetSzValue
ResUtilGetSzValue
ResUtilGetSzValue
Sections
.text Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 512B - Virtual size: 1.3MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 753KB - Virtual size: 752KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ