Static task: static1
Behavioral task: behavioral1
Sample: 7318b59e6575e6cbf5882d7623bb496054cb7cbf8bb3800786a2e9c8adb5d6ee.exe
Resource: win7-20221111-en
Behavioral task: behavioral2
Sample: 7318b59e6575e6cbf5882d7623bb496054cb7cbf8bb3800786a2e9c8adb5d6ee.exe
Resource: win10v2004-20220812-en
General
Target: 7318b59e6575e6cbf5882d7623bb496054cb7cbf8bb3800786a2e9c8adb5d6ee
Size: 114KB
MD5: bfe3e7c826339528edb57ac256e56507
SHA1: 4806fdcd09ed06575d41123b8ad7fa62b1524969
SHA256: 7318b59e6575e6cbf5882d7623bb496054cb7cbf8bb3800786a2e9c8adb5d6ee
SHA512: 45c99ae6065df426b9a39d235ce3405362c6817692194d6134847995482caa3f46fb85e18d9b6f74b538f8aa32a70c15a089f917afff3f8b03275fe6c311d32f
SSDEEP: 1536:wndVjS0frDiYb02RUt7fb6CC8ku74ivgG9EsZlSRGiif:wVdb024n6CC8kvDkEsX8GiI
Malware Config
Signatures
Files
7318b59e6575e6cbf5882d7623bb496054cb7cbf8bb3800786a2e9c8adb5d6ee.exe windows x86
12fa59bdfd6045ea154f4af9c6922869
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
user32
SetWindowRgn
GetMenuInfo
GetDlgItemInt
DdeQueryConvInfo
EnumDisplayDevicesA
EnumDisplaySettingsW
MsgWaitForMultipleObjects
GetListBoxInfo
AttachThreadInput
DdeSetQualityOfService
SetDebugErrorLevel
dbghelp
SymGetTypeFromName
SymEnumSourceFiles
SymGetSymPrev
FindExecutableImage
SymGetLineNext64
SearchTreeForFile
SymFromAddr
kernel32
GetProcAddress
SetConsoleMode
ReadConsoleInputA
CreateFileW
CloseHandle
WriteConsoleW
SetStdHandle
SetEnvironmentVariableA
CompareStringW
FlushFileBuffers
GetConsoleMode
GetConsoleCP
SetFilePointer
HeapSize
LoadLibraryW
GetLastError
GetProcessHeap
WriteFile
ExpandEnvironmentStringsA
InitializeCriticalSection
GetACP
UnlockFile
InterlockedDecrement
InterlockedIncrement
GetTimeFormatA
GetDateFormatA
HeapReAlloc
HeapFree
HeapAlloc
GetSystemTimeAsFileTime
GetCommandLineA
HeapSetInformation
GetStartupInfoW
GetCPInfo
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
EncodePointer
DecodePointer
TerminateProcess
GetCurrentProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
SetLastError
GetCurrentThreadId
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetOEMCP
IsValidCodePage
Sleep
GetUserDefaultLCID
GetLocaleInfoW
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
GetStringTypeW
MultiByteToWideChar
WideCharToMultiByte
GetTimeZoneInformation
HeapCreate
ExitProcess
GetStdHandle
GetModuleFileNameW
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
LCMapStringW
RtlUnwind
IsProcessorFeaturePresent
Sections
.text Size: 61KB - Virtual size: 60KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 16KB - Virtual size: 15KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 18KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 32KB - Virtual size: 31KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ