Static task
static1
Behavioral task
behavioral1
Sample
e0b53a50ac70d2e95baea79962d94718b53098cc6e713c9ae88171a8382c0e0e.exe
Resource
win7-20220901-en
Behavioral task
behavioral2
Sample
e0b53a50ac70d2e95baea79962d94718b53098cc6e713c9ae88171a8382c0e0e.exe
Resource
win10v2004-20221111-en
General
Target: e0b53a50ac70d2e95baea79962d94718b53098cc6e713c9ae88171a8382c0e0e
Size: 880KB
MD5: 47ab79facc37cbe44feca8475ddb507f
SHA1: 7be3f8d5cfd44751b512b874a9aaa77a06a13247
SHA256: e0b53a50ac70d2e95baea79962d94718b53098cc6e713c9ae88171a8382c0e0e
SHA512: c64c9b3c22c2a1c7c9ffbcc3d879c915c3df36a50774aac620c187ddfba850f1f8698cff09bb0c240adf27514012860a9be4a401822d8a1bf0fe09e6917bbd71
SSDEEP: 24576:mDyuQa/E+OluH9u7e7Hw5btLE0Qn1gDN1YI/vwMo:m2M/E+ZI7ekJLE0Qn14YI/o
Malware Config
Signatures
Files
-
e0b53a50ac70d2e95baea79962d94718b53098cc6e713c9ae88171a8382c0e0e.exe windows x86
c8715ca85da59fbeaa93c3ff878503d3
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
user32
BeginPaint
atl
ord47
ole32
CLSIDFromString
kernel32
GetVersionExA
GetVersion
GetACP
GetModuleFileNameW
GetModuleHandleA
LoadLibraryA
LocalAlloc
LocalFree
GetModuleFileNameA
ExitProcess
advapi32
OpenProcessToken
shell32
DragQueryFileA
gdi32
ExtCreateRegion
Exports
Sections
.text Size: - Virtual size: 162KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: - Virtual size: 74KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.lzd0 Size: - Virtual size: 730KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: 4KB - Virtual size: 24B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.lzd1 Size: 772KB - Virtual size: 771KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 100KB - Virtual size: 97KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE