Static task: static1
Behavioral task: behavioral1
Sample: 26800915f6ec6e7c9eb79acb7c7fddd111da46ae93eba81777afed832172bf2f.exe
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: 26800915f6ec6e7c9eb79acb7c7fddd111da46ae93eba81777afed832172bf2f.exe
Resource: win10v2004-20220812-en
General
Target: 26800915f6ec6e7c9eb79acb7c7fddd111da46ae93eba81777afed832172bf2f
Size: 1.8MB
MD5: 40659d464a616b687dd290e3fbf53c6e
SHA1: c6b81d65a2f5dbe6a7c9ddf40d9fbc31cf86063d
SHA256: 26800915f6ec6e7c9eb79acb7c7fddd111da46ae93eba81777afed832172bf2f
SHA512: 0330516c8b918108e674f993380024a3793147788915e72191fe64b2f58556f430521b970ab468915d290e6198a34f21d26e9515fea42e1dae0cf418c82fbe43
SSDEEP: 49152:gGFQaiH0Ym7XUUTrY8V6+PKulzuswv5U4ch:fFaUYmjl0KBzmU5
Malware Config
Signatures
Files
26800915f6ec6e7c9eb79acb7c7fddd111da46ae93eba81777afed832172bf2f.exe windows x86
a2e602a058633ff819c091bb0ccf7a65
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
user32
IsWindowEnabled
EnableWindow
MapWindowPoints
SetWindowTextA
GetWindowTextA
GetWindowTextLengthA
IsWindow
UpdateWindow
ShowWindow
IsWindowVisible
GetWindowRect
ReleaseDC
FillRect
GetSysColor
CreateWindowExA
TrackMouseEvent
GetParent
InvalidateRect
EndPaint
BeginPaint
wsprintfA
PostMessageA
FindWindowA
DispatchMessageA
TranslateMessage
GetMessageA
SendMessageA
SetWindowLongA
CharUpperA
GetWindowLongA
CallWindowProcA
GetDC
SetWindowPos
GetDesktopWindow
PostThreadMessageA
GetWindowThreadProcessId
FindWindowExA
MessageBoxA
SetTimer
SetFocus
PostQuitMessage
MoveWindow
DefWindowProcA
RegisterClassExA
LoadCursorA
LoadIconA
GetClassInfoExA
kernel32
GetTempFileNameA
IsBadReadPtr
HeapReAlloc
ExitProcess
LocalFree
LocalAlloc
LocalSize
MapViewOfFile
CreateFileMappingA
UnmapViewOfFile
CreateRemoteThread
WriteProcessMemory
VirtualAllocEx
SetThreadContext
GetThreadContext
SuspendThread
GetModuleHandleA
GetSystemDirectoryA
GetLastError
ReadFile
GetFileSize
OpenProcess
ResumeThread
Sleep
WriteFile
GetTempPathA
GlobalFree
GlobalAlloc
CreateFileA
DeviceIoControl
RtlMoveMemory
CloseHandle
LoadLibraryA
GetProcAddress
FreeLibrary
RtlFillMemory
lstrcpyn
GetProcessHeap
HeapAlloc
HeapFree
lstrlenA
MultiByteToWideChar
WideCharToMultiByte
GlobalMemoryStatus
GetDiskFreeSpaceExA
GetCurrentProcess
ReadProcessMemory
CreateThread
WaitForSingleObject
GetTickCount
ole32
CoCreateInstance
IIDFromString
CoInitialize
CoSetProxyBlanket
CoUninitialize
shlwapi
PathFileExistsA
StrToIntA
StrDupA
wsock32
connect
ioctlsocket
htons
closesocket
recv
send
WSAStartup
ws2_32
WSAEventSelect
WSACreateEvent
WSACloseEvent
WSAEnumNetworkEvents
WSASocketA
psapi
GetModuleFileNameExA
advapi32
CloseServiceHandle
OpenSCManagerA
OpenServiceA
CreateServiceA
StartServiceA
ControlService
DeleteService
gdi32
CreateCompatibleDC
GetObjectA
SelectObject
BitBlt
DeleteDC
CreateSolidBrush
CreateFontA
DeleteObject
SetBkColor
SetTextColor
ntdll
NtQuerySystemInformation
Sections
SE Size: 644KB - Virtual size: 644KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
SE Size: 1.2MB - Virtual size: 1.2MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
SE Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ