Static task: static1
Behavioral task: behavioral1
Sample: b0199c1adb811e6b7cb346ad9879cf7215ec244f5f0985f2114a9f21aa3765c5.exe
Resource: win7-20221111-en
Behavioral task: behavioral2
Sample: b0199c1adb811e6b7cb346ad9879cf7215ec244f5f0985f2114a9f21aa3765c5.exe
Resource: win10v2004-20220812-en
General
Target: b0199c1adb811e6b7cb346ad9879cf7215ec244f5f0985f2114a9f21aa3765c5
Size: 745KB
MD5: 5744322e261ab0ab71e11d29f6e927d3
SHA1: 50d9786728601deae2567da09b04ac5a50f1eccd
SHA256: b0199c1adb811e6b7cb346ad9879cf7215ec244f5f0985f2114a9f21aa3765c5
SHA512: 2e0f10f9d71f9769ddded9bb08e32904ef1cae70142c5394e2df3886dbbd55393492451db2a22f9274f0894d60c8cfc1b9c3cdd60a14c3cd3cecdf3992af455f
SSDEEP: 12288:5vamhvWqscnvDnD0ZlILzTbDcOyNyLtEv/hMoBbPeg/6nIeR/jeQcsFquU0tJRGZ:thuHo7DKI3TDywLtWMoBTp/6IegZGE
Malware Config
Signatures
Files
b0199c1adb811e6b7cb346ad9879cf7215ec244f5f0985f2114a9f21aa3765c5.exe windows x86
22053a428c8e6772509bb9f5ee424cf6
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
FreeEnvironmentStringsA
TlsAlloc
GlobalAddAtomA
SetMessageWaitingIndicator
GetTempFileNameW
SetThreadExecutionState
SetMailslotInfo
GetCPInfo
GetFileAttributesExW
GetOEMCP
CreateIoCompletionPort
GetShortPathNameA
GetACP
SetTimerQueueTimer
LocalSize
GetVolumeInformationA
DebugActiveProcess
IsDBCSLeadByte
CreateFileW
ReplaceFileA
GetTempPathW
FatalExit
TransactNamedPipe
GetLogicalDrives
SizeofResource
SetThreadAffinityMask
GetCurrentDirectoryA
GetVolumeInformationW
ExitProcess
_lcreat
DeleteFileW
FindResourceExA
GetStartupInfoW
lstrcpyA
GetFileAttributesW
DosDateTimeToFileTime
GetProcessShutdownParameters
RequestWakeupLatency
GetSystemWindowsDirectoryW
GetLongPathNameW
SetHandleCount
FlushViewOfFile
GetTimeFormatA
ProcessIdToSessionId
GetEnvironmentVariableA
GetProcessVersion
GetFileAttributesExA
CreateHardLinkA
CompareFileTime
DuplicateHandle
GetModuleFileNameW
EnumTimeFormatsA
user32
DdeInitializeA
IsZoomed
ScrollDC
GetKeyboardLayoutList
OpenDesktopW
GetCapture
IntersectRect
MessageBoxExA
VkKeyScanW
LoadBitmapA
SetPropW
ChangeClipboardChain
SwitchToThisWindow
TranslateMessage
OemKeyScan
GetWindowLongA
DrawIconEx
EnumDesktopsW
GetWindow
ToAscii
GetProcessWindowStation
MessageBoxA
SetWindowsHookA
DdeAddData
DdeSetUserHandle
GetScrollRange
SetClassWord
ScreenToClient
PostThreadMessageW
GetShellWindow
OemToCharA
CreateIconFromResourceEx
CloseWindowStation
WINNLSEnableIME
MessageBoxExW
GetPropW
WinHelpA
GetLastActivePopup
CloseWindow
shlwapi
PathAppendA
Sections
.text Size: 463KB - Virtual size: 462KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 72KB - Virtual size: 2.8MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 5KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 195KB - Virtual size: 194KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 5KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ