Static task
static1
Behavioral task
behavioral1
Sample
a8404dadaf2913b7a55f6c0b7aaaebd729267328c17d14eb2c75b2f6ed17dde1.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
a8404dadaf2913b7a55f6c0b7aaaebd729267328c17d14eb2c75b2f6ed17dde1.exe
Resource
win10v2004-20220901-en
General
Target
a8404dadaf2913b7a55f6c0b7aaaebd729267328c17d14eb2c75b2f6ed17dde1
Size
180KB
MD5
adb9dc8161ecc8905b6e21d74be9619b
SHA1
2099763eafb37ffe2cab99dd4680ef03c3e6f5ac
SHA256
a8404dadaf2913b7a55f6c0b7aaaebd729267328c17d14eb2c75b2f6ed17dde1
SHA512
76d18b2e91db7f067c921537251a19a2da1052fe7f9e6c9dd166adbfb57e356038203805c0fbc59b7a7af1f0c938b1cb8898a63a3673286c07d082986d55e62b
SSDEEP
1536:fSwjT3ZwZ/n29LGkzLDzSm3vIwTBea8wjX+SRIcp4pjxq9ePV5rO+9gYcaGdu0:fSwjTJy/29KOfOm/IMoiX+EpkWV
Malware Config
Signatures
Files
a8404dadaf2913b7a55f6c0b7aaaebd729267328c17d14eb2c75b2f6ed17dde1.exe windows x86
4465e256ac71ce1e2abcb9d6d3721a3f
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
CopyFileA
GetFullPathNameA
GetCurrentProcessId
CreateFileA
FindNextFileA
UnhandledExceptionFilter
Sleep
QueryPerformanceCounter
GetSystemTimeAsFileTime
CreateFileMappingA
GetTickCount
GetLastError
GetFileInformationByHandle
RemoveDirectoryA
UnmapViewOfFile
GetProcAddress
CloseHandle
SetFileAttributesA
GetTempFileNameA
FindClose
HeapAlloc
MapViewOfFile
TerminateProcess
GetFileSize
LocalAlloc
GetCurrentThreadId
LoadLibraryA
OutputDebugStringA
FindFirstFileExA
GetFileAttributesExA
ExpandEnvironmentStringsA
DeleteFileA
GetTempPathA
FreeLibrary
WriteFile
GetPrivateProfileSectionA
SetFilePointer
GetPrivateProfileStringA
SetLastError
SetUnhandledExceptionFilter
GetModuleHandleW
HeapFree
OpenProcess
SetEndOfFile
GetProcessHeap
SetCurrentDirectoryA
GetModuleHandleA
LocalFree
GetFileAttributesA
SetErrorMode
user32
GetWindowPlacement
FindWindowA
advapi32
LookupPrivilegeValueA
OpenProcessToken
AdjustTokenPrivileges
Sections
.text Size: 72KB - Virtual size: 70KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 1.0MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 100KB - Virtual size: 98KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ