Static task: static1
Behavioral task: behavioral1
  Sample: 96be3e98794bfa90914e822f99376e584d46b220d5cdba4188a6e14e3589f8c8.dll
  Resource: win7-20220812-en
Behavioral task: behavioral2
  Sample: 96be3e98794bfa90914e822f99376e584d46b220d5cdba4188a6e14e3589f8c8.dll
  Resource: win10v2004-20220812-en
General
  Target: 96be3e98794bfa90914e822f99376e584d46b220d5cdba4188a6e14e3589f8c8
  Size: 48KB
  MD5: 7249040c2492b9d05e0646b7aa9e17ed
  SHA1: f98e5cb08507ec48f37adf62fa82a72d52e509a9
  SHA256: 96be3e98794bfa90914e822f99376e584d46b220d5cdba4188a6e14e3589f8c8
  SHA512: 82ae6565b83a138c6e8cd52089b6a354486984b56e2c3c2fad005bbdce4ad376b27081caf5c654f51d835a606e9a813fb21a4276f1ee88d38e38f88b9a982fdb
  SSDEEP: 768:bXPbE7StiKmiNTgNPJOsWRbMArCdpPuljSsBBQARQk0+EqUiSEd0XaX:b/YOvNTEYSsBBQARkjqUiSEdp
Malware Config
Signatures
Files
96be3e98794bfa90914e822f99376e584d46b220d5cdba4188a6e14e3589f8c8.dll windows x86
349429271343c70b80b4340a92abfb2a
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
  ntdll: _snprintf, RtlUnwind, memcmp, memcpy, strstr, RtlZeroMemory, strlen
  ws2_32: gethostname
  kernel32: CreateFileA, IsBadReadPtr, WriteFile, WideCharToMultiByte, WaitForSingleObject, VirtualProtectEx, UnmapViewOfFile, ReadFile, MoveFileExA, MapViewOfFile, GetTempPathA, CloseHandle, CreateThread, DeleteCriticalSection, EnterCriticalSection, GetCurrentProcess, GetCurrentProcessId, GetModuleFileNameA, GetModuleHandleA, GlobalAlloc, GlobalFree, InitializeCriticalSection, LeaveCriticalSection, ReadProcessMemory, Sleep, VirtualAlloc, VirtualFree, lstrcatA, lstrcmpiA, lstrcpyA, lstrcpynA, lstrlenA, GetProcAddress, LoadLibraryA, GetTempFileNameA, CreateFileMappingA, CreateProcessA, DeleteFileA, GetExitCodeThread, GetFileSize, GetLastError, GetStartupInfoA, GetSystemDirectoryA
  user32: wsprintfA, UnhookWindowsHookEx, SendMessageA, RegisterWindowMessageA, SetWindowLongA, SetTimer, KillTimer, GetWindowThreadProcessId, GetWindowTextA, GetWindowLongA, EnumWindows, CallWindowProcA
Sections
  .text Size: 28KB - Virtual size: 25KB
    IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
  .bss Size: - Virtual size: 12B
    IMAGE_SCN_CNT_UNINITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
  .rdata Size: 4KB - Virtual size: 1KB
    IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
  .data Size: 8KB - Virtual size: 7KB
    IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
  .reloc Size: 4KB - Virtual size: 826B
    IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ