Static task
static1
Behavioral task
behavioral1
Sample
cf23aa6d2ebfbf463632c166f2c19afb55aadb13ca694f5d8f927238d5d89344.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
cf23aa6d2ebfbf463632c166f2c19afb55aadb13ca694f5d8f927238d5d89344.exe
Resource
win10v2004-20221111-en
General
Target
cf23aa6d2ebfbf463632c166f2c19afb55aadb13ca694f5d8f927238d5d89344
Size
656KB
MD5
36a41c234be66fa99b758d2a88d14579
SHA1
1f1d7260e21342ed2e46f4108bec0605db0a026a
SHA256
cf23aa6d2ebfbf463632c166f2c19afb55aadb13ca694f5d8f927238d5d89344
SHA512
8b937c375a54c041e8c436e1f65efe02dc767e5e422a2a76b4d21f8686d1a60d277446b8a30d4243c733d7ec90a96c879db9966865784902ae30d86e26740a8c
SSDEEP
12288:AxUjn+vMBLWg/iscQJ9a9wuBZW8yVQPgy:AKj+vMEsTgwuZhUi
Files
cf23aa6d2ebfbf463632c166f2c19afb55aadb13ca694f5d8f927238d5d89344.exe windows x86
5082516ae2bcc802b70285b3936027b0
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
urlmon
URLDownloadToFileA
kernel32
GetLastError
InterlockedIncrement
lstrcmpiA
IsDBCSLeadByte
DebugBreak
OutputDebugStringA
SetLastError
FreeLibrary
SizeofResource
LoadResource
FindResourceA
LoadLibraryExA
GetModuleHandleA
GetModuleFileNameA
CreateProcessA
GetCurrentDirectoryA
CreateEventA
GetProcAddress
CloseHandle
ReadFile
CreateFileA
WriteFile
GetPrivateProfileStringA
GetPrivateProfileIntA
CreateDirectoryA
lstrcpyA
OpenEventA
lstrlenW
GetDateFormatA
GetTimeFormatA
LCMapStringW
LCMapStringA
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetCurrentThreadId
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
CreateFileW
SetHandleCount
GetFileType
SetStdHandle
GetTimeZoneInformation
HeapSize
Sleep
GetStdHandle
ExitProcess
FatalAppExitA
HeapCreate
HeapDestroy
GetStringTypeW
GetStringTypeA
WideCharToMultiByte
MultiByteToWideChar
lstrlenA
InterlockedDecrement
GetCurrentProcess
FlushInstructionCache
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
CompareStringW
RaiseException
GetCurrentThread
TlsFree
TlsSetValue
CompareStringA
FlushFileBuffers
GetLocaleInfoW
SetEndOfFile
SetConsoleCtrlHandler
IsValidCodePage
IsValidLocale
EnumSystemLocalesA
TlsAlloc
TlsGetValue
GetOEMCP
SetEnvironmentVariableA
GetEnvironmentStringsW
GetVersionExA
InterlockedCompareExchange
HeapFree
GetProcessHeap
HeapAlloc
LoadLibraryA
IsProcessorFeaturePresent
VirtualFree
VirtualAlloc
InterlockedExchange
GetACP
GetLocaleInfoA
GetThreadLocale
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlUnwind
VirtualProtect
GetSystemInfo
VirtualQuery
HeapReAlloc
GetConsoleCP
GetConsoleMode
SetFilePointer
GetCommandLineA
GetStartupInfoA
GetCPInfo
GetUserDefaultLCID
user32
GetSystemMetrics
LoadImageA
PostMessageA
IsWindow
EndDialog
GetSysColorBrush
GetParent
GetWindow
GetWindowRect
SystemParametersInfoA
UnregisterClassA
MapWindowPoints
SetWindowPos
SendMessageA
GetDlgItem
KillTimer
SetTimer
SetWindowTextA
GetWindowLongA
DefWindowProcA
GetActiveWindow
MessageBoxA
DialogBoxParamA
DestroyWindow
CharNextA
LoadStringA
SetWindowLongA
GetClientRect
gdi32
SetTextColor
SetBkMode
advapi32
RegQueryValueExA
RegDeleteValueA
RegEnumKeyExA
RegQueryInfoKeyA
RegSetValueExA
RegOpenKeyExA
RegCreateKeyExA
RegCloseKey
RegDeleteKeyA
shell32
ShellExecuteA
ole32
CoFreeLibrary
CoLoadLibrary
CoInitialize
CoUninitialize
CoTaskMemFree
CoCreateInstance
CoTaskMemRealloc
CoTaskMemAlloc
oleaut32
VarUI4FromStr
SysFreeString
comctl32
InitCommonControlsEx
Sections
.text Size: 224KB - Virtual size: 223KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 32KB - Virtual size: 28KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 8KB - Virtual size: 24KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 192KB - Virtual size: 188KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.tc Size: 196KB - Virtual size: 196KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE