Static task
static1
Behavioral task
behavioral1
Sample
9332fad7fb3513ad7f93cc65a8b3b113cf8b0793b16f8ab542cf3fd93c7a2991.exe
Resource
win7-20220812-en
windows7-x64
Behavioral task
behavioral2
Sample
9332fad7fb3513ad7f93cc65a8b3b113cf8b0793b16f8ab542cf3fd93c7a2991.exe
Resource
win10v2004-20220812-en
windows10-2004-x64
General
-
Target
9332fad7fb3513ad7f93cc65a8b3b113cf8b0793b16f8ab542cf3fd93c7a2991
-
Size
378KB
-
MD5
76e09d8cfdf763e34f72aedc01375837
-
SHA1
8a3e15c1d638abafd0664217e3df20273de2c38f
-
SHA256
9332fad7fb3513ad7f93cc65a8b3b113cf8b0793b16f8ab542cf3fd93c7a2991
-
SHA512
7c3a009a86768d7afe96b8f90bec6040e675d89e62ca3bd7850e122d2ba733313a925d11f2c1dc44c1f2dad1543b936c716424abdeca7c8cceb9f0fe2c79aef1
-
SSDEEP
6144:c+pElMbl1yf1zYsNywBviKVVRIcfzQRs18S8bNCBrGnfhE3a37cGqx7u65JFQ80u:c+1J1CYsUwiSVRERs18r8InMarJqxC6x
Malware Config
Signatures
Files
-
9332fad7fb3513ad7f93cc65a8b3b113cf8b0793b16f8ab542cf3fd93c7a2991.exe windows x86
22701dbb5fd1403122ca4067abad8879
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetEnvironmentVariableW
BeginUpdateResourceW
GetConsoleTitleA
OpenFileMappingA
GetLargestConsoleWindowSize
GetDiskFreeSpaceExW
GetProfileSectionA
WideCharToMultiByte
VirtualFreeEx
FlushConsoleInputBuffer
GetFileType
Thread32First
SetEnvironmentVariableW
LocalFree
VerLanguageNameA
InterlockedExchange
SetCommMask
GetCommModemStatus
GetCPInfoExW
CreateFileMappingA
WaitForMultipleObjects
CallNamedPipeA
CreateDirectoryA
CreateSemaphoreW
GetFileAttributesExA
GetExitCodeProcess
WritePrivateProfileStructW
FileTimeToSystemTime
SetPriorityClass
GetStringTypeA
SetHandleInformation
GlobalFix
ExpandEnvironmentStringsA
UnhandledExceptionFilter
SetConsoleCtrlHandler
Heap32ListNext
PulseEvent
SetCurrentDirectoryW
GetUserDefaultLCID
VirtualLock
BuildCommDCBA
FatalAppExitW
GetNumberOfConsoleMouseButtons
LoadLibraryExA
RemoveDirectoryA
GetThreadTimes
GetProcessPriorityBoost
GetBinaryTypeA
InitAtomTable
ContinueDebugEvent
DeviceIoControl
SetupComm
FlushFileBuffers
GetCalendarInfoW
ReadConsoleW
GetProfileIntW
GetLocalTime
DefineDosDeviceA
Process32First
CreateDirectoryExW
IsBadReadPtr
HeapAlloc
GetFileAttributesW
LCMapStringW
VirtualProtectEx
OutputDebugStringA
EnumTimeFormatsW
InitializeCriticalSection
GetDriveTypeA
SetDefaultCommConfigA
CreateSemaphoreA
QueryDosDeviceA
ScrollConsoleScreenBufferW
FindFirstChangeNotificationW
GlobalUnlock
FindNextFileA
UpdateResourceA
CompareStringW
SizeofResource
GetHandleInformation
GetProcessWorkingSetSize
FindCloseChangeNotification
GetProcAddress
GlobalFlags
SetHandleCount
GetTempPathW
Toolhelp32ReadProcessMemory
CopyFileA
GetThreadLocale
InterlockedExchangeAdd
HeapValidate
OpenEventA
GetSystemPowerStatus
GetVersion
BuildCommDCBW
SetCommTimeouts
_lopen
lstrcmpA
TerminateProcess
FillConsoleOutputCharacterA
FindClose
EnumCalendarInfoA
SetStdHandle
GlobalUnfix
OpenFile
GetCPInfoExA
HeapCreate
InterlockedCompareExchange
GetThreadSelectorEntry
DosDateTimeToFileTime
GetCurrentProcessId
GetProcessHeap
GlobalDeleteAtom
ReadFileScatter
OpenProcess
SetConsoleTextAttribute
EnumResourceNamesW
_lcreat
MapViewOfFileEx
GetPrivateProfileStringW
ReadConsoleInputA
GetTimeFormatA
GetLongPathNameA
IsBadStringPtrA
GetStringTypeExW
GetProfileSectionW
OpenSemaphoreW
IsSystemResumeAutomatic
WaitForMultipleObjectsEx
CreateToolhelp32Snapshot
GetLocaleInfoA
MapViewOfFile
DeleteFileW
RequestWakeupLatency
EnumSystemLocalesW
lstrcatW
GetDevicePowerState
WriteConsoleOutputCharacterW
GetProfileIntA
SetThreadPriorityBoost
GetModuleHandleA
LocalHandle
WriteConsoleOutputW
lstrcatA
EnumCalendarInfoW
MultiByteToWideChar
EnumSystemCodePagesW
EnumSystemLocalesA
SetEnvironmentVariableA
GetSystemTime
SetProcessPriorityBoost
LocalAlloc
ReleaseMutex
EndUpdateResourceW
GetShortPathNameA
GetNumberFormatA
SetFileTime
PrepareTape
DisableThreadLibraryCalls
GetPrivateProfileSectionNamesW
SystemTimeToFileTime
GetDiskFreeSpaceExA
GlobalFindAtomA
GlobalGetAtomNameW
GetCPInfo
SearchPathA
ResetEvent
CompareFileTime
SetComputerNameA
GetFullPathNameW
FileTimeToLocalFileTime
AddAtomA
SetSystemTimeAdjustment
Sleep
SetLocalTime
CreateMailslotA
SetFileAttributesA
GetTapePosition
GetConsoleTitleW
lstrcpyA
LocalLock
GetCurrentProcess
BackupSeek
IsBadHugeReadPtr
MoveFileW
ReadFileEx
ReadConsoleOutputAttribute
GetPrivateProfileIntW
DeleteCriticalSection
SetCalendarInfoA
GlobalFindAtomW
SetVolumeLabelW
SetMessageWaitingIndicator
GetTempPathA
WriteConsoleInputA
GetACP
WriteProfileStringA
PeekConsoleInputA
WinExec
LoadLibraryW
FoldStringA
GetSystemInfo
Heap32First
PeekNamedPipe
GetPriorityClass
EnumResourceLanguagesW
GlobalReAlloc
GetEnvironmentStrings
EnumSystemCodePagesA
VirtualAlloc
OpenSemaphoreA
RemoveDirectoryW
SetConsoleScreenBufferSize
Module32Next
CreateMutexA
EraseTape
OutputDebugStringW
GetWindowsDirectoryW
GetVersionExW
GetNumberFormatW
GetPrivateProfileIntA
ReadConsoleA
GetWriteWatch
CreateMailslotW
GetConsoleMode
GetTimeZoneInformation
VirtualFree
FlushViewOfFile
GetStringTypeW
LeaveCriticalSection
HeapFree
GetVolumeInformationA
ResumeThread
GlobalMemoryStatus
SetEndOfFile
_llseek
GetStartupInfoA
ReadConsoleOutputA
EnumResourceTypesW
CallNamedPipeW
WaitNamedPipeA
Thread32Next
SearchPathW
GetCommandLineW
GetNumberOfConsoleInputEvents
GetLogicalDriveStringsA
SetLocaleInfoW
FreeLibraryAndExitThread
lstrcpynW
UnlockFileEx
ReadProcessMemory
GlobalAddAtomA
HeapReAlloc
GetAtomNameW
GetVersionExA
user32
BeginDeferWindowPos
GetClipboardViewer
GetInputState
CreateDesktopA
IsWindowVisible
InsertMenuA
EnumThreadWindows
GetMenuState
DefMDIChildProcA
ExitWindowsEx
EqualRect
EnumWindowStationsW
GetWindowContextHelpId
LoadMenuIndirectA
IsDialogMessageW
IsChild
LoadBitmapW
LoadStringW
LoadKeyboardLayoutW
RegisterHotKey
SetScrollInfo
LoadStringA
GetDCEx
PeekMessageA
CreateAcceleratorTableW
TrackPopupMenu
GetWindowDC
FrameRect
RegisterClassA
DefFrameProcW
GetClassInfoExA
GetClassInfoA
SetUserObjectInformationA
SendMessageW
IsCharUpperW
PtInRect
HiliteMenuItem
TranslateAcceleratorA
SetKeyboardState
CharPrevA
SetClassWord
CallWindowProcW
MapVirtualKeyA
SetMenuDefaultItem
CreateDialogParamA
ModifyMenuA
GetKeyboardState
MapWindowPoints
SetWindowLongA
SetDoubleClickTime
GetDialogBaseUnits
ChangeMenuW
GetWindowRgn
GetClassInfoW
ChangeDisplaySettingsW
ChangeDisplaySettingsA
OpenWindowStationW
EnumPropsA
SetWindowsHookA
GetClassLongA
LoadCursorFromFileA
CharUpperA
SubtractRect
SendMessageCallbackA
GetUpdateRgn
GetShellWindow
GetDlgItem
SetRect
BringWindowToTop
PostQuitMessage
SetSystemCursor
ScreenToClient
GetPropW
VkKeyScanW
SetCaretPos
GetTabbedTextExtentA
GetMessageW
CreateWindowExA
GetSystemMenu
PeekMessageW
IsCharAlphaNumericW
PostMessageA
DragObject
IsCharAlphaW
RedrawWindow
GetThreadDesktop
SetForegroundWindow
FindWindowExW
CreateIconIndirect
LoadKeyboardLayoutA
MenuItemFromPoint
EnableMenuItem
MessageBoxW
InsertMenuItemA
UnhookWindowsHook
WaitForInputIdle
GetNextDlgTabItem
DlgDirListComboBoxA
SetScrollPos
CloseClipboard
MoveWindow
ShowWindow
SetDlgItemTextA
DrawStateW
RegisterClassExA
FillRect
CharToOemA
ChangeDisplaySettingsExA
SetCaretBlinkTime
SetThreadDesktop
GetClassNameA
UnionRect
DefDlgProcW
ShowWindowAsync
EnumDesktopWindows
AppendMenuW
CheckDlgButton
LockWindowUpdate
CharLowerA
CreateWindowStationW
LookupIconIdFromDirectoryEx
GetCursorPos
SetDlgItemInt
DialogBoxIndirectParamA
SetCursor
IsDialogMessageA
SetCapture
InSendMessage
OemToCharW
LoadMenuIndirectW
GetDlgItemTextW
GetMenuItemID
ReleaseCapture
SetWindowsHookExW
MapDialogRect
SetDlgItemTextW
SetWindowRgn
GetSystemMetrics
DlgDirSelectExW
GetWindowWord
FindWindowExA
SetMenuItemInfoW
ToUnicode
CreatePopupMenu
wvsprintfA
OpenClipboard
DrawFocusRect
ChildWindowFromPoint
TranslateMDISysAccel
SetUserObjectInformationW
GetDesktopWindow
GetDlgItemInt
GetWindowRect
MsgWaitForMultipleObjects
GetClassInfoExW
UnregisterClassW
SetActiveWindow
SetFocus
GetAsyncKeyState
EndPaint
SetLastErrorEx
ArrangeIconicWindows
ShowCursor
CheckMenuRadioItem
ToAsciiEx
GetMenuContextHelpId
InternalGetWindowText
GetCursor
OemToCharA
GetUpdateRect
GetWindowTextW
SetWindowsHookW
DlgDirSelectComboBoxExW
GetMenu
DispatchMessageA
SwapMouseButton
GetWindow
InsertMenuW
GetKeyboardLayoutNameA
ScrollWindowEx
GetKBCodePage
DefMDIChildProcW
IsCharAlphaNumericA
SetProcessWindowStation
DefDlgProcA
GetScrollRange
RemovePropA
OpenInputDesktop
CallMsgFilterA
IsClipboardFormatAvailable
LoadAcceleratorsW
CharPrevExA
CascadeWindows
GetCaretPos
PostThreadMessageW
GetMessageExtraInfo
GetParent
DrawTextExW
GetMenuItemRect
EnumDesktopsW
GetWindowTextA
GetDlgCtrlID
CreateMenu
CheckRadioButton
GetClipboardData
SetWindowLongW
FindWindowW
SetMessageQueue
CopyAcceleratorTableA
DrawStateA
OpenDesktopW
RegisterClassW
CharNextW
TileWindows
LookupIconIdFromDirectory
DestroyCaret
OemToCharBuffW
GetDC
TranslateMessage
UnregisterHotKey
GetMenuStringW
CreateWindowExW
CopyIcon
CallWindowProcA
gdi32
SetICMProfileA
PolyBezierTo
CreateBitmap
SetViewportOrgEx
CreateMetaFileW
StretchDIBits
GetCharacterPlacementA
GetCharWidth32A
PatBlt
GetColorAdjustment
GetTextMetricsW
RealizePalette
SelectClipRgn
CloseFigure
EndPage
ExtFloodFill
CreateFontIndirectA
AddFontResourceA
PolyPolygon
FixBrushOrgEx
GetGraphicsMode
CreateEnhMetaFileW
GetKerningPairsA
CheckColorsInGamut
PaintRgn
DrawEscape
SetBkColor
PolyTextOutW
GetWinMetaFileBits
GetBoundsRect
InvertRgn
GetBrushOrgEx
SetDeviceGammaRamp
GetTextExtentPoint32A
StrokeAndFillPath
FlattenPath
Chord
SetAbortProc
GetEnhMetaFileBits
Rectangle
GetLogColorSpaceW
ArcTo
CloseMetaFile
FloodFill
SetRectRgn
GetCurrentPositionEx
StretchBlt
GdiSetBatchLimit
CreateFontW
GetClipBox
ExcludeClipRect
BitBlt
GetBkColor
SetEnhMetaFileBits
GetBkMode
GetWindowExtEx
MoveToEx
GetTextFaceW
SetBrushOrgEx
EqualRgn
CreateHalftonePalette
CreateCompatibleDC
GetMetaRgn
CreateRectRgn
GetGlyphOutlineA
StartPage
GetROP2
EnumFontFamiliesExA
CreateMetaFileA
SetGraphicsMode
GetDeviceCaps
GetClipRgn
FillRgn
RoundRect
PlayEnhMetaFileRecord
GetRasterizerCaps
AbortPath
PolyDraw
PtInRegion
GetPaletteEntries
EnumFontFamiliesW
RemoveFontResourceA
CombineRgn
CreateBrushIndirect
DeleteColorSpace
GetTextAlign
CreateDIBSection
GetDCOrgEx
GetPath
GetEnhMetaFilePaletteEntries
GetDIBits
RemoveFontResourceW
GetFontData
GetTextMetricsA
CreateDiscardableBitmap
SetPixelV
GetTextExtentPoint32W
ExtCreatePen
GdiGetBatchLimit
StartDocW
SaveDC
GetEnhMetaFileDescriptionA
Ellipse
EnumFontFamiliesExW
MaskBlt
GetCharWidth32W
CopyMetaFileW
LPtoDP
GetMetaFileW
GetTextExtentExPointA
CreatePenIndirect
GetObjectW
ScaleViewportExtEx
SetBoundsRect
CreateHatchBrush
GetLogColorSpaceA
GetPolyFillMode
RectVisible
EnumObjects
GetICMProfileA
CreateRectRgnIndirect
CreateCompatibleBitmap
CancelDC
GetMiterLimit
LineTo
EndPath
GetCharWidthW
GetNearestPaletteIndex
GetPixel
EnumFontsW
GetFontLanguageInfo
comdlg32
GetSaveFileNameW
ChooseColorA
PageSetupDlgW
PrintDlgA
CommDlgExtendedError
advapi32
StartServiceW
OpenEventLogA
NotifyChangeEventLog
SetServiceBits
GetExplicitEntriesFromAclA
QueryServiceConfigW
UnlockServiceDatabase
QueryServiceLockStatusA
CryptGetHashParam
GetTrusteeTypeA
BuildImpersonateExplicitAccessWithNameW
ReportEventA
SetFileSecurityW
GetAce
SetKernelObjectSecurity
LookupAccountSidW
CryptContextAddRef
BuildTrusteeWithSidA
EnumDependentServicesW
LookupPrivilegeDisplayNameW
CryptSetProviderW
AddAccessAllowedAce
GetAuditedPermissionsFromAclA
GetMultipleTrusteeOperationW
GetSidIdentifierAuthority
AccessCheck
ImpersonateNamedPipeClient
CryptGetDefaultProviderA
SetSecurityDescriptorDacl
RegQueryValueA
GetFileSecurityW
AbortSystemShutdownA
ClearEventLogA
BuildExplicitAccessWithNameA
LookupPrivilegeValueA
CryptSetProviderExW
PrivilegedServiceAuditAlarmW
OpenProcessToken
BuildSecurityDescriptorW
DestroyPrivateObjectSecurity
ChangeServiceConfigW
CryptReleaseContext
RegEnumValueW
CryptSignHashW
CreateServiceA
CryptDestroyKey
LookupPrivilegeDisplayNameA
DuplicateTokenEx
AllocateLocallyUniqueId
ImpersonateLoggedOnUser
ReadEventLogW
GetTrusteeNameW
DuplicateToken
CryptGetKeyParam
PrivilegedServiceAuditAlarmA
GetOldestEventLogRecord
RegisterEventSourceW
InitiateSystemShutdownW
RegEnumKeyExW
SetEntriesInAclA
ObjectPrivilegeAuditAlarmW
InitializeSid
MakeAbsoluteSD
CryptDecrypt
RegLoadKeyA
CryptGetProvParam
CloseServiceHandle
RegDeleteKeyA
StartServiceCtrlDispatcherA
AllocateAndInitializeSid
CryptSetKeyParam
MapGenericMask
RegFlushKey
GetSecurityDescriptorSacl
GetEffectiveRightsFromAclA
GetSidSubAuthority
CryptEnumProviderTypesA
RegQueryInfoKeyW
RegDeleteValueW
ReportEventW
CopySid
QueryServiceConfigA
RegisterEventSourceA
RegDeleteValueA
RegSetValueExW
LookupAccountNameW
InitializeSecurityDescriptor
SetFileSecurityA
LookupPrivilegeNameW
CreateProcessAsUserA
ObjectPrivilegeAuditAlarmA
AccessCheckAndAuditAlarmA
CryptGenKey
CryptEnumProviderTypesW
RegQueryMultipleValuesW
QueryServiceStatus
AddAccessDeniedAce
CloseEventLog
RegCreateKeyA
RegEnumValueA
GetSecurityDescriptorLength
CryptCreateHash
RegQueryValueExW
BuildImpersonateExplicitAccessWithNameA
RegEnumKeyA
AdjustTokenPrivileges
SetAclInformation
SetServiceObjectSecurity
CryptVerifySignatureA
RegLoadKeyW
CryptAcquireContextA
shell32
DragAcceptFiles
FindExecutableW
SHBrowseForFolderA
SHGetFileInfoA
SHFileOperationW
ExtractAssociatedIconW
SHBrowseForFolderW
DuplicateIcon
ShellAboutA
SHInvokePrinterCommandW
ExtractIconExA
ShellExecuteA
DoEnvironmentSubstA
ShellExecuteW
ExtractIconExW
CommandLineToArgvW
SHGetSpecialFolderLocation
SHGetSpecialFolderPathA
ExtractAssociatedIconExW
SHFormatDrive
DragFinish
DragQueryFileA
SHChangeNotify
msvcrt
__p__fmode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
__p__commode
__set_app_type
_except_handler3
_controlfp
Sections
.text Size: 283KB - Virtual size: 284KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 20KB - Virtual size: 24KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 24KB - Virtual size: 24KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
5rq.ofhq Size: 44KB - Virtual size: 48KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
e.8h67um Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ