Static task: static1
Behavioral task: behavioral1
Sample: b12cffd8ab4ffb3030b2763324eaaae36f05a5a0779896f8884d019091c0e460.exe
Resource: win7-20221111-en
Behavioral task: behavioral2
Sample: b12cffd8ab4ffb3030b2763324eaaae36f05a5a0779896f8884d019091c0e460.exe
Resource: win10v2004-20221111-en
General
Target: b12cffd8ab4ffb3030b2763324eaaae36f05a5a0779896f8884d019091c0e460
Size: 37KB
MD5: f111906825ff60f1169eb093a497011d
SHA1: 36e62a996bc4cefd9f9f9e052ce3a81fdbc13dae
SHA256: b12cffd8ab4ffb3030b2763324eaaae36f05a5a0779896f8884d019091c0e460
SHA512: a9f2ac7c829297f67981f971aacf4877eee0c1f13e6ed3829f1166ed826ade7a8680a929c2dba49c7d39a39e08ebf913389de856b54287c2670f4d5ebb834b2a
SSDEEP: 768:mwTHHQiGBvBziTjEt2ZhwzYO4Kg+Q0pvuMhkzSwaDtf8Ti:mwje1B2TM2ZM/QCvuYeI58Ti
Malware Config
Signatures
Files
-
b12cffd8ab4ffb3030b2763324eaaae36f05a5a0779896f8884d019091c0e460.exe windows x86
376d77f2af83ffe7270e00e99d696db4
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
mfc42
ord850
ord1572
ord2044
ord6383
ord5440
ord2107
ord5834
ord2448
ord6394
ord5450
ord2841
ord3663
ord2818
ord536
ord924
ord922
ord539
ord861
ord356
ord2770
ord668
ord941
ord5683
ord4129
ord858
ord2915
ord540
ord4202
ord2764
ord825
ord537
ord561
ord823
ord860
ord535
ord800
ord815
msvcrt
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
__p___initenv
_XcptFilter
_exit
??1type_info@@UAE@XZ
_onexit
__p__commode
_CxxThrowException
_itoa
_mbscmp
fscanf
strncmp
rename
strchr
strncat
strcat
_stricmp
__p__fmode
__set_app_type
__dllonexit
_controlfp
strstr
malloc
memcpy
strlen
__CxxFrameHandler
memset
fread
fseek
strcpy
fwrite
_strnicmp
fputc
fclose
_except_handler3
fopen
printf
exit
kernel32
GetProcessHeap
lstrcatA
lstrlenA
Sleep
MultiByteToWideChar
ExpandEnvironmentStringsA
DeleteFileA
CopyFileA
GetModuleFileNameA
GetTempPathA
GetTickCount
HeapAlloc
CreateThread
SetErrorMode
GetLastError
CreateMutexA
GetModuleHandleA
FreeLibrary
MapViewOfFile
CreateFileMappingA
GetFileSize
UnmapViewOfFile
GetWindowsDirectoryA
GetProcAddress
LoadLibraryA
GetShortPathNameA
Module32First
CreateToolhelp32Snapshot
CloseHandle
Process32Next
Process32First
TerminateProcess
OpenProcess
FreeResource
CreateFileA
LoadResource
FindResourceA
GetSystemDirectoryA
HeapFree
user32
DefWindowProcA
LoadIconA
RegisterClassA
PostQuitMessage
SetTimer
UpdateWindow
GetMessageA
GetClassNameA
CreateWindowExA
KillTimer
GetWindow
SetWindowLongA
GetWindowLongA
ShowWindow
GetWindowThreadProcessId
wsprintfA
GetDesktopWindow
GetTopWindow
gdi32
GetStockObject
advapi32
InitializeSecurityDescriptor
RegQueryValueExA
FreeSid
RegCloseKey
RegSetKeySecurity
SetSecurityDescriptorDacl
AddAccessAllowedAce
InitializeAcl
GetLengthSid
AllocateAndInitializeSid
RegOpenKeyExA
RegEnumValueA
RegEnumKeyExA
ole32
CoInitialize
CoUninitialize
CoInitializeEx
CoCreateInstance
oleaut32
VariantClear
SysFreeString
msvcp60
??0Init@ios_base@std@@QAE@XZ
??0_Winit@std@@QAE@XZ
??1_Winit@std@@QAE@XZ
??1Init@ios_base@std@@QAE@XZ
wininet
InternetCloseHandle
InternetOpenUrlA
InternetOpenA
rpcrt4
UuidCreateSequential
Sections
.text Size: 27KB - Virtual size: 27KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 6KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 48KB - Virtual size: 48KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ