Static task: static1
Behavioral task: behavioral1
Sample: ade4c293f95b82208e6bd5878df198955cb7713854eee9a9bcfe249c892d0d00.exe
Resource: win7-20221111-en
Behavioral task: behavioral2
Sample: ade4c293f95b82208e6bd5878df198955cb7713854eee9a9bcfe249c892d0d00.exe
Resource: win10v2004-20220812-en
General
Target: ade4c293f95b82208e6bd5878df198955cb7713854eee9a9bcfe249c892d0d00
Size: 112KB
MD5: a596a6d0f749a9c1747382ab0f359522
SHA1: c7ef7f53810ce8967fb153d473a5e6cecc48194f
SHA256: ade4c293f95b82208e6bd5878df198955cb7713854eee9a9bcfe249c892d0d00
SHA512: 1269b21d4df8ee34f8cce91ee4b57c77decb907e2cf22f8ced771ea55110916f57ccdd828a32dadfbd237ff474d22442babaae04e8af42a2f195a8a4681d7335
SSDEEP: 3072:zhxtZFHr/NPpd533jbtxbbr3Hj1NlZ73t3JZb3aoe5Mdp30Yc+DwxJhylRxeS/db:zhxtZFHr/NPpd533jbtxbbr3Hj1NlZ7D
Malware Config
Signatures
Files
ade4c293f95b82208e6bd5878df198955cb7713854eee9a9bcfe249c892d0d00.exe windows x86
41abe8acb49fe6265bb67c5b16d91743
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
shell32
SHSetDefaultProperties
LaunchMSHelp_RunDLLW
Control_RunDLLA
OpenAs_RunDLLA
StrRChrIW
StrRChrA
ILGetSize
RestartDialog
PathResolve
SHGetItemFromObject
SHCreateShellItemArrayFromDataObject
SHBindToParent
SHGetIDListFromObject
SHQueryUserNotificationState
SHAlloc
SHGetFolderPathWWorker
ShellExec_RunDLLA
SHResolveLibrary
Options_RunDLLW
advapi32
LsaICLookupSids
GetOverlappedAccessResults
AddMandatoryAce
PerfDecrementULongLongCounterValue
LsaICLookupNamesWithCreds
CredWriteA
GetAccessPermissionsForObjectW
AccessCheckByTypeResultListAndAuditAlarmA
RegCreateKeyTransactedA
WmiSetSingleInstanceA
AreAllAccessesGranted
AddAce
GetNamedSecurityInfoExW
GetSecurityDescriptorDacl
EventWriteString
RegDeleteTreeW
IdentifyCodeAuthzLevelW
LsaDeleteTrustedDomain
Sections
.text Size: - Virtual size: 104KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.stub Size: 26KB - Virtual size: 26KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 83KB - Virtual size: 82KB
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 436B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ