Static task
static1
Behavioral task
behavioral1
Sample
e5af030d3c96f652608fc844511dd173e02fec846ce725424104b859d71aa9af.exe
Resource
win7-20220901-en
Behavioral task
behavioral2
Sample
e5af030d3c96f652608fc844511dd173e02fec846ce725424104b859d71aa9af.exe
Resource
win10v2004-20220901-en
General
-
Target
e5af030d3c96f652608fc844511dd173e02fec846ce725424104b859d71aa9af
-
Size
136KB
-
MD5
53bef3091df710278ce99aa31ccc55b8
-
SHA1
a59a6e7257cad90c978314719e3669c40f6f255b
-
SHA256
e5af030d3c96f652608fc844511dd173e02fec846ce725424104b859d71aa9af
-
SHA512
0582781a82a51b6dbb846100da898dd80a3fd62c93a7966152974f71a6df7f9f53a52d3d58d0ae336e7c54224beabc8d581b32fd930bc2455724a0af84264c6c
-
SSDEEP
3072:sry0F34H6crHUZLP3Udrx0TCKVypu35rv8PghkDh05J0AKqDl8:sry0q6qHN03Vyq5rEP/h4J5x58
Malware Config
Signatures
Files
-
e5af030d3c96f652608fc844511dd173e02fec846ce725424104b859d71aa9af.exe windows x86
6eace2fa5690728af64bbfc1c7bbe604
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
msvcrt20
_wspawnlp
_commit
?underflow@filebuf@@UAEHXZ
?freeze@strstreambuf@@QAEXH@Z
_wperror
??0ostream@@QAE@PAVstreambuf@@@Z
?eback@streambuf@@IBEPADXZ
_aexit_rtn
strtok
strtol
_strncoll
_wchdir
_tell
??_7filebuf@@6B@
?seekoff@filebuf@@UAEJJW4seek_dir@ios@@H@Z
_atoldbl
??_Diostream@@QAEXXZ
?tellp@ostream@@QAEJXZ
??0ostream_withassign@@QAE@PAVstreambuf@@@Z
_ismbcspace
__p__mbctype
vfprintf
??0ostream@@IAE@ABV0@@Z
?setlock@ios@@QAAXXZ
__p__wpgmptr
__p__commode
?_set_new_mode@@YAHH@Z
??_8strstream@@7Bistream@@@
_setmbcp
strcspn
?is_open@ofstream@@QBEHXZ
??0ifstream@@QAE@HPADH@Z
??_7ostream@@6B@
kernel32
LoadLibraryA
BuildCommDCBAndTimeoutsA
GetNativeSystemInfo
GetTapeParameters
SetSystemTime
ConvertThreadToFiber
ExitProcess
GetConsoleProcessList
QueryDosDeviceA
SetFileShortNameW
QueryActCtxW
GetVolumeInformationW
GetVolumePathNamesForVolumeNameW
OpenEventA
VirtualAlloc
GetStartupInfoA
LeaveCriticalSection
GlobalCompact
DeleteAtom
UnlockFileEx
VDMConsoleOperation
RegisterWaitForInputIdle
EnterCriticalSection
GetCommModemStatus
EnumTimeFormatsA
AddRefActCtx
SetThreadPriorityBoost
GetProfileStringA
DeleteCriticalSection
GetExitCodeThread
GetModuleFileNameA
_lopen
QueueUserAPC
GetSystemDirectoryA
GetVolumeInformationA
GetNamedPipeHandleStateW
wldap32
ldap_next_attributeW
ldap_search_stA
ldap_bind_sA
ldap_count_valuesA
ldap_modify_extA
ldap_memfreeA
ldap_modrdn
ldap_start_tls_sW
ldap_rename_ext
ldap_modrdn2
ldap_add_sA
ber_next_element
ldap_startup
ldap_sslinitA
ldap_get_values_len
ldap_deleteA
ldap_parse_resultW
ldap_parse_extended_resultA
ldap_count_values_len
ldap_modrdnA
ldap_count_values
ldap_set_dbg_flags
ldap_unbind
ber_first_element
ldap_cleanup
ldap_get_next_page_s
ldap_add_ext
ldap_modrdn2_sA
ldap_search_abandon_page
LdapGetLastError
ldap_search_stW
ldap_initA
ldap_search_st
ldap_add_sW
ldap_compare_s
ldap_ufn2dnW
ldap_modify_s
ldap_abandon
ldap_extended_operationW
rasman
RasPortFree
RasProtocolEnum
RasActivateRoute
RasDeviceSetInfo
RasRpcConnectServer
RasGetDeviceName
RasAddNotification
RasSetDeviceConfigInfo
RasPortEnum
RasSetConnectionUserData
RasGetDevConfig
RasRpcPortGetInfo
RasRpcGetUserPreferences
RasRpcUnloadDll
RasAddConnectionPort
RasFreeBuffer
RasRpcRemoteSetUserPreferences
RasPortRetrieveUserData
RasDestroyConnection
RasLinkGetStatistics
RasRpcRemoteRasDeleteEntry
RasDeviceEnum
RasRpcGetErrorString
RasPortReserve
RasIsTrustedCustomDll
IsRasmanProcess
RasPortStoreUserData
RasRpcDeviceEnum
RasSendCreds
RasReferenceRasman
RasAllocateRoute
RasGetKey
RasDoIke
RasSetDialParams
RasGetHportFromConnection
RasGetDialParams
RasRPCBind
inetcomm
EssReceiptDecodeEx
MimeOleGenerateCID
MimeOleGetFileExtension
MimeOleSMimeCapsFromDlg
MimeOleSetPropW
MimeOleInetDateToFileTime
EssMLHistoryEncodeEx
MimeOleSMimeCapInit
MimeOleSMimeCapAddCert
MimeEditDocumentFromStream
EssReceiptRequestDecodeEx
MimeOleCreateBody
MimeOleGenerateMID
MimeOleSMimeCapGetHashAlg
MimeOleEncodeHeader
MimeOleGenerateFileName
MimeEditGetBackgroundImageUrl
MimeOleSetDefaultCharset
MimeOleGetAllocator
MimeOleDecodeHeader
MimeOleGetPropW
EssSignCertificateDecodeEx
MimeOleGetCharsetInfo
EssReceiptEncodeEx
MimeOleParseRfc822AddressW
MimeGetAddressFormatW
MimeOleCreateMessage
HrDoAttachmentVerb
syssetup
AsrFreeContext
AsrRestorePlugPlayRegistryData
AsrCreateStateFileW
AsrAddSifEntryA
SetupInfObjectInstallActionW
SetupSetDisplay
AsrCreateStateFileA
AsrAddSifEntryW
SetupChangeFontSize
Sections
.text Size: 30KB - Virtual size: 29KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 40KB - Virtual size: 40KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 62KB - Virtual size: 198KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 1024B - Virtual size: 1024B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ