Static task: static1
Behavioral task: behavioral1
Sample: 75983c02c314dd38c3a81fe9017db614dee38423b2496830e0555eb99185ced9.exe
Resource: win7-20221111-en
Behavioral task: behavioral2
Sample: 75983c02c314dd38c3a81fe9017db614dee38423b2496830e0555eb99185ced9.exe
Resource: win10v2004-20221111-en
General
Target: 75983c02c314dd38c3a81fe9017db614dee38423b2496830e0555eb99185ced9
Size: 1.5MB
MD5: c3331f3388fbf5f66345f0a7309402ba
SHA1: 092e04878232688eb887cdc67601b9b672591972
SHA256: 75983c02c314dd38c3a81fe9017db614dee38423b2496830e0555eb99185ced9
SHA512: 346f3f7ddcd60b5ebe974676da93f87d5cdbf5fa5b20a28aa7863ccbffd941fa450258cd7e476361186b804934851bc2895b76999ab111ab7ca5574097ac3c68
SSDEEP: 24576:NijtWtiP+xlsJdzyM6Pel3dui4876ogCHijD1kXQSY6DJ:NWtWtiWxgzyMiel3duijbgCHcD1Eo
Malware Config
Signatures
Files
75983c02c314dd38c3a81fe9017db614dee38423b2496830e0555eb99185ced9.exe (windows x64) 16136c034875c5d8fed8da52db831df8
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Imports
kernel32
CreateFileW
FlushFileBuffers
GetFileAttributesW
GetFileSize
ReadFile
SetEndOfFile
SetFilePointer
WriteFile
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentVariableW
GetSystemInfo
GetTickCount
GetVersionExW
FreeLibrary
FreeResource
LoadResource
LockResource
SizeofResource
FormatMessageW
FindResourceW
ExitProcess
TerminateProcess
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
SetEvent
ReleaseSemaphore
WaitForSingleObject
CreateEventW
QueryPerformanceCounter
GetModuleFileNameW
CreateSemaphoreW
GetCurrentProcessId
GetStdHandle
HeapAlloc
HeapFree
HeapSize
GetOverlappedResult
VirtualAlloc
VirtualFree
VirtualProtect
RtlCaptureContext
GetCurrentThread
CreateDirectoryW
SetThreadPriority
GetThreadPriority
TlsAlloc
TlsSetValue
TlsFree
GetThreadTimes
SleepEx
RaiseException
LocalAlloc
LocalFree
SetThreadExecutionState
SetCommTimeouts
SetEnvironmentVariableA
GetModuleFileNameA
UnregisterWaitEx
InitializeSListHead
QueryDepthSList
InterlockedFlushSList
InterlockedPushEntrySList
InterlockedPopEntrySList
WriteConsoleW
SetFilePointerEx
GetOEMCP
IsValidCodePage
IsDebuggerPresent
GetProcessHeap
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
GetStartupInfoW
InitializeCriticalSectionAndSpinCount
SetUnhandledExceptionFilter
UnhandledExceptionFilter
UnregisterWait
RegisterWaitForSingleObject
SetThreadAffinityMask
GetProcessAffinityMask
GetNumaHighestNodeNumber
DeleteTimerQueueTimer
ChangeTimerQueueTimer
CreateTimerQueueTimer
GetLogicalProcessorInformation
SwitchToThread
SignalObjectAndWait
Sleep
CreateTimerQueue
GetCPInfo
GetCommandLineA
GetModuleHandleA
FreeLibraryAndExitThread
OutputDebugStringW
GetConsoleCP
ReadConsoleW
GetConsoleMode
LoadLibraryExW
ExitThread
CreateThread
GetFileType
SetStdHandle
IsProcessorFeaturePresent
LoadLibraryExA
AreFileApisANSI
GetModuleHandleExW
SetConsoleCtrlHandler
GetACP
HeapReAlloc
DecodePointer
EncodePointer
GetStringTypeW
WaitForSingleObjectEx
ResetEvent
MultiByteToWideChar
SetLastError
WideCharToMultiByte
DuplicateHandle
CloseHandle
OutputDebugStringA
GetCurrentThreadId
GetCurrentProcess
GetWindowsDirectoryW
GetCommandLineW
GetTimeZoneInformation
SystemTimeToFileTime
GetSystemTimeAsFileTime
QueryPerformanceFrequency
FileTimeToLocalFileTime
GetLastError
LoadLibraryW
GetProcAddress
GetModuleHandleW
QueueUserAPC
TlsGetValue
user32
GetLastInputInfo
ws2_32
htons
ntohs
bind
closesocket
connect
htonl
WSAStringToAddressW
WSAAddressToStringW
WSACleanup
WSAStartup
gethostbyname
gethostbyaddr
inet_addr
ntohl
getservbyname
WSAGetLastError
socket
sendto
send
recv
ole32
CoUninitialize
CoCreateInstance
CoInitialize
CoFreeUnusedLibraries
oleaut32
VarBstrFromDate
SysFreeString
LoadTypeLi
LoadRegTypeLi
wininet
InternetCrackUrlW
InternetConnectW
InternetOpenW
InternetCloseHandle
InternetReadFile
InternetWriteFile
InternetSetOptionW
HttpOpenRequestW
HttpAddRequestHeadersW
HttpSendRequestExW
HttpEndRequestW
HttpQueryInfoW
setupapi
SetupDiGetDeviceRegistryPropertyW
SetupDiOpenDevRegKey
SetupDiGetClassDevsW
SetupDiEnumDeviceInfo
SetupDiDestroyDeviceInfoList
shell32
SHGetSpecialFolderLocation
SHGetPathFromIDListW
SHGetMalloc
advapi32
RegCreateKeyExW
RegEnumValueW
RegOpenKeyExW
RegQueryInfoKeyW
RegQueryValueExW
CloseServiceHandle
ControlService
CreateServiceW
DeleteService
OpenSCManagerW
OpenServiceW
RegisterServiceCtrlHandlerExW
SetServiceStatus
StartServiceCtrlDispatcherW
RegCloseKey
version
GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW
ntdll
NtPowerInformation
RtlLookupFunctionEntry
RtlUnwindEx
RtlVirtualUnwind
RtlPcToFileHeader
Sections
.text Size: 1.0MB - Virtual size: 1.0MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 371KB - Virtual size: 370KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 29KB - Virtual size: 64KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 58KB - Virtual size: 58KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 22KB - Virtual size: 22KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 8KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ