Static task
static1
Behavioral task
behavioral1
Sample
a24db41712e038762a20440a1e0f1196247ee6a7b76e4a0e5993955e5b5a759a.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
a24db41712e038762a20440a1e0f1196247ee6a7b76e4a0e5993955e5b5a759a.exe
Resource
win10v2004-20220812-en
General
-
Target
a24db41712e038762a20440a1e0f1196247ee6a7b76e4a0e5993955e5b5a759a
-
Size
48KB
-
MD5
54dfce0d85ba4403a305e1b06c9a3b8a
-
SHA1
2322ad0ed39c256a2389bab0f3a003bcbdb1e05c
-
SHA256
a24db41712e038762a20440a1e0f1196247ee6a7b76e4a0e5993955e5b5a759a
-
SHA512
6a19156834b549148e731278c65543ecd4f6b78eb4e06e67322fec0c9aaaea1a1fa344aa3a22d11c630c496dc9d9fcbcf4e5983cec06aa190dcbc497003312e0
-
SSDEEP
768:NqoGYfXlp5sXDZ/MvU8r1e2n649dIa7ZM9jo9ZGv7UskHeJy+rS:hGYfX75sXD5Mi2n7rIkFs6+rS
Malware Config
Signatures
Files
-
a24db41712e038762a20440a1e0f1196247ee6a7b76e4a0e5993955e5b5a759a.exe windows x86
0d2656ed7c052f50f16e358efec65c94
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
wininet
InternetCloseHandle
InternetOpenUrlA
InternetOpenA
InternetReadFile
netapi32
Netbios
mfc42
ord1247
ord540
ord939
ord2818
ord535
ord1105
ord6283
ord6282
ord6877
ord4202
ord858
ord926
ord1575
ord700
ord913
ord536
ord5594
ord860
ord398
ord4189
ord801
ord825
ord6883
ord6143
ord541
ord941
ord4129
ord5683
ord5572
ord2915
ord6928
ord4277
ord354
ord2820
ord3811
ord665
ord800
ord6930
ord3790
ord823
ord537
msvcrt
_splitpath
_snprintf
memset
_stricmp
_strlwr
strcpy
strncpy
sprintf
__CxxFrameHandler
_controlfp
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
_except_handler3
??1type_info@@UAE@XZ
_onexit
__dllonexit
atol
_strupr
strcmp
_CxxThrowException
strlen
??0exception@@QAE@ABV0@@Z
memcmp
realloc
free
memcpy
malloc
kernel32
GetCurrentThread
GetStartupInfoA
GetPrivateProfileStringA
WritePrivateProfileStringA
MoveFileExA
DeleteFileA
CreateToolhelp32Snapshot
Process32First
Process32Next
GetWindowsDirectoryA
CreateDirectoryA
OpenProcess
lstrcatA
lstrcpyA
LoadLibraryA
GetProcAddress
InitializeCriticalSection
IsDBCSLeadByte
lstrcpynA
LoadLibraryExA
FindResourceA
LoadResource
SizeofResource
FreeLibrary
GetModuleHandleA
GetShortPathNameA
MultiByteToWideChar
lstrlenW
lstrlenA
GetCommandLineA
lstrcmpiA
GetCurrentThreadId
Sleep
SetLastError
GetModuleFileNameA
WideCharToMultiByte
GetCurrentProcess
CloseHandle
GetLastError
user32
SetTimer
GetMessageA
LoadStringA
TranslateMessage
DispatchMessageA
PostThreadMessageA
CharNextA
KillTimer
advapi32
QueryServiceStatus
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
GetLengthSid
SetSecurityDescriptorOwner
SetSecurityDescriptorGroup
OpenProcessToken
OpenThreadToken
GetTokenInformation
LookupAccountNameA
AddAccessAllowedAce
GetAce
InitializeAcl
AddAce
GetAclInformation
CloseServiceHandle
ChangeServiceConfig2A
CreateServiceA
OpenSCManagerA
DeleteService
CopySid
ControlService
OpenServiceA
RegDeleteKeyA
RegisterServiceCtrlHandlerA
SetServiceStatus
RegQueryValueExA
RegCloseKey
RegSetValueExA
RegDeleteValueA
StartServiceCtrlDispatcherA
RegOpenKeyExA
RegCreateKeyExA
RegEnumKeyExA
RegQueryInfoKeyA
RegEnumValueA
CreateProcessAsUserA
ole32
CoTaskMemAlloc
CoTaskMemFree
CoTaskMemRealloc
CoInitializeEx
CoUninitialize
CoInitializeSecurity
CoRegisterClassObject
CoRevokeClassObject
CoCreateInstance
CoInitialize
oleaut32
RegisterTypeLib
SysFreeString
LoadTypeLib
SysAllocString
VarUI4FromStr
setupapi
SetupIterateCabinetA
msvcp60
??0logic_error@std@@QAE@ABV01@@Z
??1out_of_range@std@@UAE@XZ
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??_7out_of_range@std@@6B@
??0logic_error@std@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@1@@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
??0out_of_range@std@@QAE@ABV01@@Z
Sections
.text Size: 28KB - Virtual size: 26KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 8KB - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ