Static task
static1
Behavioral task
behavioral1
Sample
8fbfa8f65eeee205cd4c3c49644c68cb377f5e9db79e60da5588dacb0db02e85.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
8fbfa8f65eeee205cd4c3c49644c68cb377f5e9db79e60da5588dacb0db02e85.exe
Resource
win10v2004-20221111-en
General
Target
8fbfa8f65eeee205cd4c3c49644c68cb377f5e9db79e60da5588dacb0db02e85
Size
181KB
MD5
54d577eefd0777da916d8f48c9729a9d
SHA1
45342a3f79ba602d3f5f5734de33d9f2925c8408
SHA256
8fbfa8f65eeee205cd4c3c49644c68cb377f5e9db79e60da5588dacb0db02e85
SHA512
622ea25f4a3ce7daf4ac2a88903e8a40742b02b2dde599614abdff119472ae046c23b51e8fb440606f28117f56dd645984631e7db3664f6162a567e520d598b0
SSDEEP
3072:lJZcJkapqDjsCnXUtBzCR+yFiiLqhRb1390KV56euVLKXH4vrJdIe2p8:JcJkapqDnXkBzU+4qHbVBLuVO34DnIH8
Malware Config
Signatures
Files
8fbfa8f65eeee205cd4c3c49644c68cb377f5e9db79e60da5588dacb0db02e85.exe windows x86
bb3d69e01298ff9ce6ad8e1646cef797
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
advapi32
RegEnumKeyW
RegOpenKeyExW
RegQueryValueW
RegOpenKeyW
RegSetValueExW
RegEnumKeyExW
RegDeleteKeyW
RegQueryInfoKeyW
RegCreateKeyExW
RegCloseKey
RegQueryValueExW
shell32
SHCreateDirectoryExW
SHGetSpecialFolderPathW
comdlg32
GetFileTitleW
user32
AdjustWindowRectEx
CharUpperW
SetForegroundWindow
GetMenu
GetMessageTime
SetRect
RemovePropW
GetClassLongW
CopyAcceleratorTableW
GetClassInfoW
IntersectRect
GetClientRect
WinHelpW
CallWindowProcW
GetClassInfoExW
CharNextW
GetTopWindow
GetNextDlgTabItem
MessageBeep
RegisterClassW
RegisterWindowMessageW
InvalidateRect
SetPropW
GetMessagePos
LoadIconW
GetNextDlgGroupItem
MapWindowPoints
IsWindow
OffsetRect
SetActiveWindow
InvalidateRgn
GetPropW
EqualRect
IsChild
UpdateWindow
DefWindowProcW
SendDlgItemMessageA
GetForegroundWindow
CreateWindowExW
GetWindowPlacement
IsRectEmpty
IsIconic
DestroyMenu
kernel32
SystemTimeToFileTime
GetSystemDefaultLangID
ReadFile
SetFileTime
FindFirstFileW
GetCalendarInfoA
MultiByteToWideChar
SetFilePointer
ConvertDefaultLocale
GetLocaleInfoA
LoadResource
GetProcAddress
RemoveDirectoryW
GetCurrentDirectoryW
CreateMutexW
InitializeCriticalSection
GetVersionExW
WideCharToMultiByte
GetThreadContext
FindNextFileW
CreateDirectoryW
LoadLibraryW
DeleteFileW
GetFileAttributesW
WaitForSingleObject
LocalFileTimeToFileTime
FindClose
CloseHandle
InterlockedExchange
MoveFileW
lstrcpyW
EnumResourceNamesA
RaiseException
LockResource
EnumResourceLanguagesW
FreeLibrary
GetThreadLocale
DeleteCriticalSection
ExitProcess
CreateFileW
VirtualFree
GetModuleFileNameW
GetCurrentProcessId
ReleaseMutex
WriteFile
GetVersion
SizeofResource
FindResourceW
InterlockedDecrement
GetLocaleInfoW
GetModuleHandleW
lstrcmpiA
GetACP
lstrcmpA
gdi32
GetDeviceCaps
ExtTextOutW
GetObjectW
DeleteDC
CreateBitmap
SaveDC
TextOutW
PtVisible
GetClipBox
GetStockObject
GetViewportExtEx
SetWindowExtEx
SetMapMode
ExtSelectClipRgn
GetRgnBox
GetWindowExtEx
SelectObject
GetBkColor
OffsetViewportOrgEx
Escape
ScaleWindowExtEx
SetViewportExtEx
SetBkColor
ScaleViewportExtEx
SetViewportOrgEx
SetTextColor
GetMapMode
RectVisible
GetTextColor
DeleteObject
RestoreDC
CreateRectRgnIndirect
winspool.drv
ClosePrinter
DocumentPropertiesW
OpenPrinterW
ole32
CoCreateInstance
CLSIDFromProgID
CoRevokeClassObject
CoGetClassObject
OleIsCurrentClipboard
StgOpenStorageOnILockBytes
OleInitialize
CoRegisterMessageFilter
CreateILockBytesOnHGlobal
CoUninitialize
CoTaskMemAlloc
CoInitialize
CoTaskMemFree
OleFlushClipboard
StgCreateDocfileOnILockBytes
CoFreeUnusedLibraries
OleUninitialize
CLSIDFromString
shlwapi
PathRemoveFileSpecW
PathFileExistsW
PathFindExtensionW
PathIsUNCW
PathFindFileNameW
PathStripToRootW
PathAppendW
oledlg
OleUIBusyW
Sections
.text Size: 102KB - Virtual size: 102KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 5KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.bss Size: 71KB - Virtual size: 71KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.edata Size: 1024B - Virtual size: 244KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ