Static task
static1
Behavioral task
behavioral1
Sample
bcc577edc26e28c8a5270d84a62fbdffbebf7eb25e7fd4d79388d31a178590ec.exe
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
bcc577edc26e28c8a5270d84a62fbdffbebf7eb25e7fd4d79388d31a178590ec.exe
Resource
win10v2004-20220812-en
General
-
Target
bcc577edc26e28c8a5270d84a62fbdffbebf7eb25e7fd4d79388d31a178590ec
-
Size
152KB
-
MD5
edc76afdd2b022367029d4f0743111c3
-
SHA1
72ceaa6b2b5f8a81a2f07aec43376b8bb022bb51
-
SHA256
bcc577edc26e28c8a5270d84a62fbdffbebf7eb25e7fd4d79388d31a178590ec
-
SHA512
5072186c9b46e4a856201bff68944aad59c63dca3ad0735d29879f251ba31c08073920e9f3b3d1e7fd7a34b4393ba05b7c79b5c310156ad7b3a9e273e1882684
-
SSDEEP
3072:X0CoD1h//HQia6kalYUPZsneByEmeqgCSC1N5XN9aWO/GBlqbUxo:X0V1h/4i7LlYUP2nwyOXCSC1NLlqwxo
Malware Config
Signatures
Files
-
bcc577edc26e28c8a5270d84a62fbdffbebf7eb25e7fd4d79388d31a178590ec.exe windows x86
dc50ab00330426a3f4d63a6fb666bddf
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
ole32
CoInitialize
CoUninitialize
CoCreateInstance
OleInitialize
OleSetContainedObject
ws2_32
ioctlsocket
listen
ntohl
inet_addr
recv
send
socket
WSAConnect
WSASocketA
WSAWaitForMultipleEvents
clusapi
ClusterNodeOpenEnum
AddClusterResourceDependency
BackupClusterDatabase
ChangeClusterResourceGroup
CloseClusterGroup
CloseClusterNetInterface
CloseClusterNetwork
CloseClusterNotifyPort
CloseClusterResource
ClusterControl
ClusterEnum
ClusterGetEnumCount
ClusterGroupCloseEnum
ClusterGroupControl
ClusterGroupEnum
ClusterGroupGetEnumCount
SetClusterServiceAccountPassword
SetClusterQuorumResource
SetClusterNetworkPriorityOrder
SetClusterNetworkName
SetClusterName
SetClusterGroupNodeList
SetClusterGroupName
ResumeClusterNode
RestoreClusterDatabase
RemoveClusterResourceNode
RemoveClusterResourceDependency
RegisterClusterNotify
PauseClusterNode
OpenClusterResource
OpenClusterNode
OpenClusterNetwork
OpenClusterNetInterface
OpenClusterGroup
OfflineClusterResource
OfflineClusterGroup
MoveClusterGroup
GetNodeClusterState
GetClusterResourceTypeKey
GetClusterResourceState
GetClusterResourceNetworkName
GetClusterResourceKey
GetClusterQuorumResource
GetClusterNotify
GetClusterNodeState
GetClusterNodeKey
GetClusterNodeId
GetClusterNetworkState
GetClusterNetworkKey
GetClusterNetworkId
GetClusterNetInterfaceState
GetClusterNetInterfaceKey
GetClusterNetInterface
GetClusterKey
GetClusterInformation
GetClusterFromResource
GetClusterFromNode
GetClusterFromNetwork
GetClusterFromNetInterface
GetClusterFromGroup
FailClusterResource
EvictClusterNodeEx
EvictClusterNode
CreateClusterResourceType
CreateClusterResource
CreateClusterNotifyPort
CreateClusterGroup
ClusterResourceTypeOpenEnum
ClusterResourceTypeEnum
ClusterResourceTypeControl
ClusterResourceTypeCloseEnum
ClusterResourceOpenEnum
ClusterResourceGetEnumCount
ClusterResourceEnum
ClusterResourceControl
ClusterResourceCloseEnum
ClusterRegSetValue
ClusterRegSetKeySecurity
ClusterRegQueryValue
ClusterRegQueryInfoKey
ClusterRegOpenKey
ClusterRegGetKeySecurity
ClusterRegEnumValue
ClusterRegEnumKey
ClusterRegDeleteKey
ClusterRegCreateKey
ClusterOpenEnum
ClusterGroupOpenEnum
ClusterNetworkOpenEnum
ClusterNetworkGetEnumCount
ClusterNetworkEnum
ClusterNetworkControl
ClusterNetworkCloseEnum
ClusterNetInterfaceControl
cryptui
CryptUIWizFreeDigitalSignContext
CryptUIWizDigitalSign
CryptUIDlgViewContext
CryptUIDlgSelectCertificateFromStore
CryptUIWizImport
dciman32
DCISetClipList
DCISetDestination
DCISetSrcDestClip
DCIOpenProvider
WinWatchGetClipList
WinWatchNotify
WinWatchOpen
DCIDestroy
DCICreatePrimary
DCICreateOverlay
DCIBeginAccess
GetDCRegionData
msvcrt
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
__dllonexit
_onexit
_exit
fopen
fseek
fread
fclose
strncmp
time
kernel32
GetStartupInfoA
GetModuleHandleA
CreateEventA
WaitForSingleObject
PulseEvent
VirtualProtect
WriteConsoleW
GetModuleFileNameA
GetFileTime
MultiByteToWideChar
ExitProcess
LoadLibraryA
ReleaseMutex
CreateMutexA
OpenMutexA
DeleteFileA
FindFirstChangeNotificationA
ResetEvent
GetEnvironmentVariableA
GetExitCodeProcess
PeekNamedPipe
DuplicateHandle
GetCurrentThread
Sections
.text Size: 32KB - Virtual size: 30KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 76KB - Virtual size: 75KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 36KB - Virtual size: 769KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 456B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ