Static task: static1
Behavioral task: behavioral1
Sample: b3072180a94eb104a29c6975f15121f3aec72850f73696f0a7659623cd26bc1c.exe
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: b3072180a94eb104a29c6975f15121f3aec72850f73696f0a7659623cd26bc1c.exe
Resource: win10v2004-20220812-en
General
Target: b3072180a94eb104a29c6975f15121f3aec72850f73696f0a7659623cd26bc1c
Size: 490KB
MD5: 3fb0de59fe23f31bfbe5a8337879f361
SHA1: 4049bf2159f590b4dcb878eebd1ca161a26b75bd
SHA256: b3072180a94eb104a29c6975f15121f3aec72850f73696f0a7659623cd26bc1c
SHA512: 6610f26e4638945f2604f4e5dbe3453f69dc0b55ade22cd87961c5991f0d3f07acb1f503bd2d27e47b52263ec736778b3bee467a86c23ac3f87807b6b7c8e5f3
SSDEEP: 12288:qUc6XFxWAmeUDKBBpydGwNgCINCp2tlKrWklk5q0:E0IAJBk2tsiQ0
Malware Config
Signatures
Files
b3072180a94eb104a29c6975f15121f3aec72850f73696f0a7659623cd26bc1c.exe windows x86
52bdc4bcef25e219eb546784f07fb64e
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
SetStdHandle
MultiByteToWideChar
Sleep
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetConsoleMode
GetConsoleCP
SetFilePointer
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetFileType
FlushFileBuffers
GetEnvironmentStringsW
SetConsoleTitleA
FreeEnvironmentStringsW
GetModuleFileNameA
InterlockedDecrement
SetLastError
InterlockedIncrement
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
LoadLibraryW
HeapSize
WriteConsoleW
LCMapStringW
GetStringTypeW
HeapReAlloc
CreateFileW
LocalFree
CloseHandle
GetCurrentThreadId
QueryPerformanceFrequency
GetModuleHandleA
LoadLibraryA
GlobalFree
GetProcAddress
SetHandleCount
GetLastError
RtlUnwind
CreateFileA
GlobalAlloc
WriteFile
GetProcessHeap
GetCurrentProcess
HeapAlloc
lstrlenA
GetFileSize
WideCharToMultiByte
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
GetModuleFileNameW
GetStdHandle
HeapCreate
IsProcessorFeaturePresent
EncodePointer
HeapFree
DeleteCriticalSection
GetModuleHandleW
ExitProcess
DecodePointer
GetCommandLineA
HeapSetInformation
GetStartupInfoW
RaiseException
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
user32
GetWindow
MoveWindow
MessageBoxA
CheckMenuItem
GetScrollPos
DestroyWindow
GetMessageA
SetTimer
PostQuitMessage
SendDlgItemMessageA
GetSubMenu
LoadMenuA
wsprintfA
GetClientRect
SetFocus
GetWindowTextLengthA
EnumWindows
SetScrollInfo
TranslateMessage
GetMenu
GetDC
InvalidateRect
PeekMessageA
ReleaseDC
EnableMenuItem
GetDlgItem
ScrollWindow
DefWindowProcA
GetCursorPos
LoadAcceleratorsA
ShowWindow
DrawMenuBar
WindowFromDC
DispatchMessageA
CloseWindow
UpdateWindow
EnableWindow
FindWindowA
GetDlgItemTextA
DialogBoxParamA
gdi32
EndPage
BitBlt
LineTo
DeleteDC
CreateFontIndirectA
DeleteObject
SelectObject
CreateCompatibleDC
Rectangle
GetTextMetricsA
EndDoc
GetStockObject
TextOutA
MoveToEx
winspool.drv
ClosePrinter
advapi32
RegCloseKey
RegOpenKeyExW
EqualSid
GetTokenInformation
oleaut32
GetErrorInfo
ws2_32
socket
bind
WSAStartup
mpr
WNetGetUniversalNameA
WNetEnumResourceA
WNetCloseEnum
Sections
.text Size: 65KB - Virtual size: 65KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 15KB - Virtual size: 14KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 407KB - Virtual size: 415KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ