Static task
static1
Behavioral task
behavioral1
Sample
c2e8840c642c6f8debe8647e36a5e08f371017d00e6027288972e17eb533f7fa.dll
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
c2e8840c642c6f8debe8647e36a5e08f371017d00e6027288972e17eb533f7fa.dll
Resource
win10v2004-20221111-en
General
Target: c2e8840c642c6f8debe8647e36a5e08f371017d00e6027288972e17eb533f7fa
Size: 24KB
MD5: cf5ca0195f91d0dfa365eedf1ea1cdcb
SHA1: 9ef8633d945cb026c9b30f67b1e0166ab734832b
SHA256: c2e8840c642c6f8debe8647e36a5e08f371017d00e6027288972e17eb533f7fa
SHA512: 02328cc6c08b749e3042a16a32ebdeab3b2be757b243bd38901d6bc04f59c12b5c58a2fff1edf838ee67d6f1dbd4de1a929993b4449d1fd341c92755aee91114
SSDEEP: 192:gw9P+ZCDWxRUoyea9GXzB6TslZLJgIhqsEXyvY+vGjYE0W3APD:DVEsmRnyqX0Ilwdqv9GjYE0WQP
Malware Config
Signatures
Files
-
c2e8840c642c6f8debe8647e36a5e08f371017d00e6027288972e17eb533f7fa.dll windows x86
1d58e630a78f3f6fa5e0b768e51e5eb6
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
FileTimeToLocalFileTime
FindFirstFileA
DeleteFileA
Sleep
CreateThread
ReadFile
CloseHandle
CreateProcessA
GetSystemDirectoryA
GetStartupInfoA
CreatePipe
TerminateProcess
OpenProcess
FileTimeToSystemTime
Process32First
CreateToolhelp32Snapshot
WaitForSingleObject
TerminateThread
lstrlenA
GetVersionExA
GetComputerNameA
GetLastError
FindNextFileA
FindClose
Process32Next
GetDriveTypeA
advapi32
RegCreateKeyA
RegSetValueExA
RegCloseKey
GetUserNameA
shell32
ShellExecuteA
SHGetFileInfoA
ws2_32
gethostbyname
inet_ntoa
select
inet_addr
connect
htons
socket
WSACleanup
WSAStartup
shutdown
closesocket
send
recv
msvcrt
strtok
fread
fopen
_adjust_fdiv
malloc
_initterm
free
strstr
ftell
strcspn
atoi
??2@YAPAXI@Z
??3@YAXPAX@Z
time
fseek
sprintf
fclose
fwrite
urlmon
URLDownloadToFileA
Sections
.text Size: 8KB - Virtual size: 6KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 4KB - Virtual size: 780B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ