Static task: static1
Behavioral task: behavioral1
Sample: a30fa69f1c643c474f361893942a12df627bad3a5fea299eb7bf64d08fb0ea13.exe
Resource: win7-20221111-en
Behavioral task: behavioral2
Sample: a30fa69f1c643c474f361893942a12df627bad3a5fea299eb7bf64d08fb0ea13.exe
Resource: win10v2004-20220812-en
General
Target: a30fa69f1c643c474f361893942a12df627bad3a5fea299eb7bf64d08fb0ea13
Size: 36KB
MD5: 579c656a40c899501efa6e6bc9d56ed9
SHA1: 8ee18adc8c47455ea960f63ac77f4bdb7537f596
SHA256: a30fa69f1c643c474f361893942a12df627bad3a5fea299eb7bf64d08fb0ea13
SHA512: 6fe72f6e301711759b8ec6e1444fd9c48932294ea943eccd38f049e6f3b239dd2464f08c82387537a9900def4e5407018866dcec5db2fee0dd154faa849d96b6
SSDEEP: 768:VfiaZw3GWLJ7rMr7l0nr6bLqJ3GqonUBlJkwWyY:VaaZw2Mprs7l0OE2QBlJP3Y
Malware Config
Signatures
Files
a30fa69f1c643c474f361893942a12df627bad3a5fea299eb7bf64d08fb0ea13.exe windows x86
7e29397992f515d6974242e6d86c0620
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
SleepEx
LoadResource
SetFileApisToANSI
FindNextVolumeMountPointA
EnumSystemCodePagesW
lstrcatW
EnumCalendarInfoExW
CreateEventW
Module32Next
UpdateResourceA
FreeEnvironmentStringsW
GetFileAttributesW
HeapSize
EnumTimeFormatsA
FlushViewOfFile
FindNextVolumeW
LocalSize
GetDefaultCommConfigA
GetEnvironmentStringsW
lstrcpy
_lopen
GlobalWire
EnumDateFormatsW
SetProcessWorkingSetSize
RaiseException
SetComputerNameExA
SetMailslotInfo
SetVolumeLabelA
GetConsoleTitleW
RtlMoveMemory
ReplaceFileA
GetDateFormatA
Toolhelp32ReadProcessMemory
Heap32First
SetCommMask
WaitForMultipleObjectsEx
GlobalCompact
UnlockFileEx
GlobalFindAtomW
IsBadStringPtrA
EnumDateFormatsA
GetSystemDefaultLangID
EnumSystemLanguageGroupsW
EnumResourceLanguagesA
EnumUILanguagesA
GlobalLock
LockResource
IsSystemResumeAutomatic
BuildCommDCBA
PeekNamedPipe
GlobalUnWire
SearchPathW
GetDriveTypeA
DisableThreadLibraryCalls
lstrlen
ReadConsoleA
GetCPInfoExW
FlushConsoleInputBuffer
VerLanguageNameW
MoveFileWithProgressW
EnumLanguageGroupLocalesA
GlobalDeleteAtom
GetTickCount
GetLocalTime
LocalAlloc
gdi32
GetMetaFileA
StartPage
FONTOBJ_cGetGlyphs
GdiStartDocEMF
GdiGetPageHandle
CLIPOBJ_cEnumStart
GetRandomRgn
GetTextAlign
RealizePalette
OffsetRgn
GetSystemPaletteUse
GetFontData
GetPixelFormat
PATHOBJ_bEnumClipLines
GetGlyphOutlineA
GetEnhMetaFileW
StretchBlt
GdiDescribePixelFormat
SetTextAlign
GetTextExtentPointW
ResetDCW
EngStretchBltROP
PlgBlt
SetMapperFlags
EngDeleteSemaphore
CreateCompatibleBitmap
GdiPrinterThunk
GdiPlayScript
EngLoadModule
CreatePalette
AbortDoc
CreateFontIndirectA
CreateDIBPatternBrush
EngCreateBitmap
GetEUDCTimeStampExW
EngEraseSurface
GetDeviceCaps
CopyMetaFileW
GetSystemPaletteEntries
EngFreeModule
SelectClipPath
DeviceCapabilitiesExW
SetPolyFillMode
STROBJ_dwGetCodePage
GetEnhMetaFileDescriptionA
Arc
PlayEnhMetaFile
GetRelAbs
GdiEndPageEMF
CreatePolyPolygonRgn
SetWinMetaFileBits
StartDocW
GdiEntry11
GetEnhMetaFileDescriptionW
EndDoc
GetCharWidth32W
GetTextExtentPoint32W
GdiDeleteLocalDC
LPtoDP
SetDCPenColor
Sections
.text Size: 29KB - Virtual size: 28KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ