Static task
static1
Behavioral task
behavioral1
Sample
e0ec479c6476a29576a3bf8f226928b2f0228af0514163342c92b49c9551d618.exe
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
e0ec479c6476a29576a3bf8f226928b2f0228af0514163342c92b49c9551d618.exe
Resource
win10v2004-20220812-en
General
-
Target
e0ec479c6476a29576a3bf8f226928b2f0228af0514163342c92b49c9551d618
-
Size
741KB
-
MD5
fc509840dda83d8f2f3ca8974a496cb3
-
SHA1
301f91647160f4b5bffef639455c62d6aa205591
-
SHA256
e0ec479c6476a29576a3bf8f226928b2f0228af0514163342c92b49c9551d618
-
SHA512
5c60ff54039e8d3d457accfc03fdc8c1366d15ca21a20280e3c38d41b500141795ca170c3ced1f315e308ceaef219421b69de45487443c39eaed3878fe5fbd32
-
SSDEEP
12288:pxnxXR6FqqBSxtb2UyDHqN1caA9f1TXc+7592j6l0zF0Ijk4+TTXz:plOsHxZDzWf1TX6jhjjiTT
Malware Config
Signatures
Files
-
e0ec479c6476a29576a3bf8f226928b2f0228af0514163342c92b49c9551d618.exe windows x86
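46f31d4671c0271b670ad8551ec7be34 (unlabelled in this report; it differs from the file MD5 above and is presumably the import hash — confirm before pivoting on it)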
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
DeleteFileA
FindVolumeClose
SetEndOfFile
GetStartupInfoW
GetFileSize
WaitForSingleObject
GetEnvironmentVariableA
HeapSize
ResumeThread
SetFileAttributesA
IsBadCodePtr
GetModuleHandleA
FindVolumeClose
CloseHandle
FindAtomA
GetCurrentDirectoryA
CreateFileA
GetTickCount
ExitProcess
ReleaseMutex
HeapCreate
ResetEvent
HeapDestroy
InitializeCriticalSection
GetTickCount
wininet
FtpCreateDirectoryW
HttpQueryInfoA
FtpFindFirstFileA
DeleteUrlCacheEntryA
DeleteUrlCacheEntryA
FtpGetFileW
FtpOpenFileA
FtpPutFileA
FtpGetCurrentDirectoryW
FindCloseUrlCache
DeleteUrlCacheEntryA
HttpEndRequestA
FtpDeleteFileA
serwvdrv
DriverProc
DriverProc
DriverProc
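DriverProc
Note: several import names are listed more than once (FindVolumeClose, GetTickCount, DeleteUrlCacheEntryA, DriverProc). With only 2KB of code in .text, the import list may not reflect what the sample actually does; weigh it against the behavioral tasks rather than inferring capability from the API names alone.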
Sections
.text Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Note: .rdata is normally read-only; a writable .rdata is atypical for standard linker output.
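.data Size: 512B - Virtual size: 1.3MB
Note: only 512B of this section is stored on disk; the rest of the 1.3MB is zero-filled at load time, so whatever this writable region holds at run time cannot be assessed from the file alone.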
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
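.rsrc Size: 736KB - Virtual size: 735KB
Note: resources account for 736KB of the 741KB file, against 2KB of code in .text, so nearly all of the sample's content sits in .rsrc. Triage should inspect the resource data itself (entropy, embedded PE headers) rather than rely on the headers and imports shown here.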
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ