Static task
static1
Behavioral task
behavioral1
Sample
c37a6e7f6017e8e0ed98cf24cf05edbc59647b44f1866d389a09108072b599de.exe
Resource
win7-20220901-en
Behavioral task
behavioral2
Sample
c37a6e7f6017e8e0ed98cf24cf05edbc59647b44f1866d389a09108072b599de.exe
Resource
win10v2004-20220812-en
General
Target: c37a6e7f6017e8e0ed98cf24cf05edbc59647b44f1866d389a09108072b599de
Size: 328KB
MD5: 3782eaeeac999a2620e17d86544a3234
SHA1: 32886c9b02f28a6d5d4f08bd82c20ac5398088e5
SHA256: c37a6e7f6017e8e0ed98cf24cf05edbc59647b44f1866d389a09108072b599de
SHA512: ed932f64bb3ed3f98ac45c4a4fbf70c891c962d3b8efaef5fef26b2c9aee5820ff8345d174f5c2ce48268083a7dfa9964bdb9c76f737c927ab695da626f1b719
SSDEEP: 6144:eNuO9bLeqd34Gfhwu8pwxT06c8SMjdRs/Q:eoODlhKKTdSUdwQ
Malware Config
Signatures
Files
c37a6e7f6017e8e0ed98cf24cf05edbc59647b44f1866d389a09108072b599de.exe windows x86
7af3f26d7c68e3aa89c80ac3272da09c
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
WideCharToMultiByte
MultiByteToWideChar
FreeLibrary
GetProcAddress
LoadLibraryW
DeviceIoControl
Sleep
lstrcpynW
CreateMutexW
CreateProcessW
lstrlenW
GetPrivateProfileStringW
FlushFileBuffers
CreateFileW
SetStdHandle
LoadLibraryA
GetOEMCP
GetACP
SetFilePointer
GetStringTypeW
GetStringTypeA
GetCPInfo
IsBadCodePtr
IsBadReadPtr
IsBadWritePtr
VirtualAlloc
WriteFile
VirtualFree
HeapCreate
HeapDestroy
GetVersionExA
GetEnvironmentVariableA
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
GetLastError
SetLastError
InterlockedDecrement
InterlockedIncrement
GetModuleFileNameW
GetSystemDefaultLangID
lstrcatW
GetFileAttributesW
lstrcpyW
CloseHandle
FreeEnvironmentStringsW
GetModuleHandleW
FreeEnvironmentStringsA
GetCurrentProcess
GetVersionExW
GetCommandLineW
RtlUnwind
RaiseException
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
HeapFree
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsGetValue
HeapAlloc
LCMapStringA
LCMapStringW
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
SetUnhandledExceptionFilter
TerminateProcess
HeapReAlloc
HeapSize
UnhandledExceptionFilter
GetModuleFileNameA
user32
GetLastActivePopup
LoadImageW
LoadIconW
LoadCursorW
RegisterClassExW
CreateWindowExW
GetMessageW
TranslateMessage
DispatchMessageW
DefWindowProcW
PostQuitMessage
DestroyWindow
KillTimer
SetForegroundWindow
GetCursorPos
DestroyMenu
CreatePopupMenu
AppendMenuW
SetMenuDefaultItem
FindWindowW
PostMessageW
SetTimer
LockWorkStation
MessageBoxW
wsprintfW
IsDlgButtonChecked
EndDialog
SetWindowTextW
SetDlgItemTextW
GetDlgItem
SetFocus
SystemParametersInfoW
AttachThreadInput
GetWindowThreadProcessId
GetForegroundWindow
IsWindow
DialogBoxParamW
RegisterWindowMessageW
TrackPopupMenuEx
gdi32
GetStockObject
advapi32
RegSetValueExW
LookupPrivilegeValueW
AdjustTokenPrivileges
OpenProcessToken
RegQueryValueExW
RegFlushKey
RegCloseKey
RegOpenKeyExW
RegCreateKeyExW
shell32
ShellExecuteW
Shell_NotifyIconW
Sections
.text Size: 56KB - Virtual size: 52KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 8KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 16KB - Virtual size: 31KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 244KB - Virtual size: 241KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ