Static task
static1
Behavioral task
behavioral1
Sample
b53c62ed06261a61bdf329d697e9241c942374c1c14c22959771ff08867cea05.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
b53c62ed06261a61bdf329d697e9241c942374c1c14c22959771ff08867cea05.exe
Resource
win10v2004-20221111-en
General
Target: b53c62ed06261a61bdf329d697e9241c942374c1c14c22959771ff08867cea05
Size: 536KB
MD5: f2b3beb4f3fdc2e2cafa26030f9e3501
SHA1: 0a3b111fce54ee1c7205cc17977400b5fb47c8a1
SHA256: b53c62ed06261a61bdf329d697e9241c942374c1c14c22959771ff08867cea05
SHA512: 96f5bd79629f64e668219e233f2c5ce9e57e3125c4e0b9721135c0d60d599564a94790210618f6897759378d3c46a85f762852e2490ea475f62c992e220da020
SSDEEP: 12288:3MMnMMMMMUOzfWyPuYAnBJnaZCtv2dEa53y6upbUh2gGf1ZLBjV:3MMnMMMMMzWYc2cYdEa5fupbLgWT9jV
Malware Config
Signatures
Files
-
b53c62ed06261a61bdf329d697e9241c942374c1c14c22959771ff08867cea05.exe windows x86
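238560915f873f897680e2f2a2901c93 (this value is unlabeled on the page; it is 32 hex digits and differs from the file MD5 listed under General, so it is likely the PE import hash; confirm before pivoting on it)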
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
ole32
CoInitializeEx
CoTaskMemFree
CoCreateInstance
CoUninitialize
iphlpapi
GetAdaptersInfo
NotifyAddrChange
NotifyRouteChange
GetAdaptersAddresses
kernel32
SetLastError
CreateTimerQueueTimer
SetUnhandledExceptionFilter
GetTickCount
UnregisterWait
VirtualAlloc
ReleaseMutex
InterlockedIncrement
InitializeCriticalSection
QueryPerformanceCounter
DeviceIoControl
WaitForSingleObject
CreateFileW
GetSystemTimeAsFileTime
HeapReAlloc
GetLastError
UnhandledExceptionFilter
CreateMutexA
Sleep
ReadFile
DeleteCriticalSection
DeleteTimerQueueTimer
GetCurrentProcess
GetComputerNameExW
LeaveCriticalSection
LoadLibraryW
MultiByteToWideChar
InterlockedExchange
HeapCreate
EnterCriticalSection
CreateMutexW
TerminateProcess
DeleteTimerQueue
HeapAlloc
WideCharToMultiByte
RegisterWaitForSingleObject
BindIoCompletionCallback
CloseHandle
QueueUserWorkItem
GetCurrentProcessId
UnregisterWaitEx
CreateEventW
HeapDestroy
DisableThreadLibraryCalls
CreateTimerQueue
ExpandEnvironmentStringsW
WriteFile
GetProcAddress
FreeLibrary
ChangeTimerQueueTimer
SetEvent
GetCurrentThreadId
ddraw
DirectDrawCreate
mswsock
GetAcceptExSockaddrs
AcceptEx
dnsapi
DnsReplaceRecordSetW
ntdll
RtlInitUnicodeString
NtWaitForMultipleObjects
RtlAdjustPrivilege
msvcrt
_except_handler3
swprintf
free
memcpy
wcsncpy
strlen
wcscmp
wcscpy
memcmp
wcslen
malloc
memset
wcscat
memmove
_adjust_fdiv
_initterm
_wcsicmp
wcschr
ws2_32
WSALookupServiceNextW
getnameinfo
WSAIoctl
WSALookupServiceEnd
WSASocketW
WSAStringToAddressA
WSAEventSelect
freeaddrinfo
getaddrinfo
WSARecvFrom
WSALookupServiceBeginW
WSASendTo
WSAAddressToStringW
WSAAddressToStringA
advapi32
SetServiceStatus
RegEnumKeyExW
RegOpenKeyExW
CryptReleaseContext
RegEnumValueW
RegCloseKey
CryptAcquireContextW
RegisterServiceCtrlHandlerW
CryptGenRandom
RegQueryValueExW
Sections
.text Size: 4KB - Virtual size: 880B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.idata Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 88KB - Virtual size: 87KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 8KB - Virtual size: 2.0MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 4KB - Virtual size: 64B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
.rdata Size: 424KB - Virtual size: 422KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ