Static task
static1
Behavioral task
behavioral1
Sample
cae0af5dd09976b73defd179fbb9351b7fc9612e41801c5ac4cea8405b26b2c4.exe
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
cae0af5dd09976b73defd179fbb9351b7fc9612e41801c5ac4cea8405b26b2c4.exe
Resource
win10v2004-20221111-en
General
Target
cae0af5dd09976b73defd179fbb9351b7fc9612e41801c5ac4cea8405b26b2c4
Size
835KB
MD5
13da64c1f9646c8030e5a0b55ccb90d5
SHA1
3d1d3a9b68c0be334ce0c931d1b8183b5dfc4bdb
SHA256
cae0af5dd09976b73defd179fbb9351b7fc9612e41801c5ac4cea8405b26b2c4
SHA512
54722d7bbae7e1e024b31b55f9ee4e81223430988fcf393120eb760dfc9e062577a25b61882deef40a6b11c504e7ab3932f352ba1c44aa558c7c734b9b3bb42e
SSDEEP
24576:1CPBtQ849GBzMX0rVCoTudVu2x29LJJS:1onQ84LiVCjq2xqT
Malware Config
Signatures
Files
cae0af5dd09976b73defd179fbb9351b7fc9612e41801c5ac4cea8405b26b2c4.exe windows x86
c6cdb657d5d87bd270a4f737d64e2b4f
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
CommConfigDialogA
IsValidCodePage
GlobalMemoryStatusEx
EnumTimeFormatsA
SetConsoleMaximumWindowSize
LoadModule
GlobalAddAtomA
DeleteAtom
lstrlen
WriteFileEx
GetFirmwareEnvironmentVariableW
SetHandleCount
LocalShrink
WriteTapemark
VirtualAlloc
GetCommandLineA
CreateFileMappingA
CreateThread
SetConsoleTextAttribute
GetModuleHandleA
GetCurrentThread
lstrcmpiA
GetTapePosition
GetUserDefaultLCID
GetNumberFormatA
GetLogicalDrives
FindFirstFileExA
PulseEvent
GetAtomNameW
GetSystemDirectoryA
SetThreadIdealProcessor
GetProfileSectionA
WriteConsoleA
FindResourceA
GetPrivateProfileIntW
QueryPerformanceCounter
SetUserGeoID
IsValidLanguageGroup
GetSystemTimeAsFileTime
PeekConsoleInputA
VerifyVersionInfoA
BaseFlushAppcompatCache
CreateHardLinkW
LCMapStringW
GetNumaHighestNodeNumber
GlobalGetAtomNameW
AddVectoredExceptionHandler
ConnectNamedPipe
LoadLibraryA
_hwrite
SetTapeParameters
GetWindowsDirectoryW
MulDiv
Module32Next
ResetEvent
ExitProcess
SetThreadPriority
_llseek
FindAtomW
GetSystemDefaultLCID
FreeEnvironmentStringsW
CloseProfileUserMapping
GetDriveTypeW
RegisterConsoleIME
msi
MsiRecordGetFieldCount
MsiLocateComponentA
MsiGetSummaryInformationA
MsiConfigureProductExA
MsiVerifyPackageA
MsiOpenProductA
MsiInstallMissingComponentW
MsiProcessAdvertiseScriptW
MsiAdvertiseProductExW
MsiApplyPatchW
MsiProvideQualifiedComponentW
MsiGetFileHashA
MsiSummaryInfoGetPropertyCount
MsiDatabaseGetPrimaryKeysA
MsiGetFileVersionA
MsiDatabaseMergeA
MsiSetInstallLevel
MsiGetComponentPathA
MsiGetFileHashW
MsiProvideQualifiedComponentExW
MsiSourceListAddSourceA
MsiSetPropertyW
MsiGetLastErrorRecord
MsiReinstallProductA
Migrate10CachedPackagesA
MsiOpenPackageExA
MsiEnumClientsA
MsiSetFeatureStateA
MsiSetTargetPathW
MsiRecordGetStringA
shlwapi
StrFormatKBSizeW
wnsprintfA
PathStripToRootA
StrCpyW
ChrCmpIW
PathIsContentTypeW
StrCatBuffW
PathIsDirectoryEmptyW
PathIsRelativeW
PathCommonPrefixW
StrCmpNIA
PathParseIconLocationW
UrlUnescapeA
AssocQueryKeyW
SHSetValueA
PathBuildRootW
StrRChrIA
StrDupA
PathQuoteSpacesW
SHQueryValueExW
SHRegGetBoolUSValueW
StrRetToBufW
StrToIntW
AssocCreate
PathIsPrefixW
StrRChrW
PathFindExtensionA
SHQueryValueExA
PathUnquoteSpacesA
wshrm
WSHGetWSAProtocolInfo
WSHIoctl
WSHOpenSocket
WSHStringToAddress
WSHAddressToString
WSHJoinLeaf
WSHGetWinsockMapping
WSHGetProviderGuid
WSHGetBroadcastSockaddr
WSHGetSockaddrType
WSHOpenSocket2
WSHGetSocketInformation
WSHGetWildcardSockaddr
WSHSetSocketInformation
WSHEnumProtocols
WSHNotify
odbcconf
RegisterApplication
SetActionLogModeSz
RefreshAppRegEnum
AppRegEnum
SetActionEnum
QueryApplication
OpenAppRegEnum
ExecuteAction
SetActionLogFile
UnregisterApplication
RunDLL32_RegisterApplication
SetActionName
CloseAppRegEnum
SetSilent
RunDLL32_UnregisterApplication
SetActionLogMode
Sections
.text Size: 412KB - Virtual size: 412KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 122KB - Virtual size: 122KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 188KB - Virtual size: 1.5MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 109KB - Virtual size: 109KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ