Static task
static1
Behavioral task
behavioral1
Sample
f385c9a7266401e697867837bff2961c9fc11420a9a8b60a0dd52bb56d8837f3.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
f385c9a7266401e697867837bff2961c9fc11420a9a8b60a0dd52bb56d8837f3.exe
Resource
win10v2004-20220812-en
General
-
Target
f385c9a7266401e697867837bff2961c9fc11420a9a8b60a0dd52bb56d8837f3
-
Size
24KB
-
MD5
2e9b3b8fe2a85e86a4ba2f48e7771a8a
-
SHA1
d39ca0b320a1da11ee78a0a5b3f26a8b24a5905f
-
SHA256
f385c9a7266401e697867837bff2961c9fc11420a9a8b60a0dd52bb56d8837f3
-
SHA512
a8d3de239ecff2d874a9b3ac6e3c188d705fe691c31acfd15a1882019264cbf7e3fc421e3866b9e391c8ba970a3a41d5ee46c8b21d09419fac50bdd8e0592367
-
SSDEEP
768:a4MGGG76XDIDSAaQFxfftjaLacmkLGKddm:acGJXEDSA7FxffJaLaSLGydm
Malware Config
Signatures
Files
-
f385c9a7266401e697867837bff2961c9fc11420a9a8b60a0dd52bb56d8837f3.exe windows x86
ec956309f99bfaabb1653094e7611b19
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetCurrentThreadId
CreateThread
ExitProcess
lstrcmpiA
lstrcatA
GetModuleFileNameA
FreeLibrary
GetProcAddress
LoadLibraryA
DeleteFileA
GetTickCount
CreateToolhelp32Snapshot
user32
wsprintfA
PostThreadMessageA
GetMessageA
TranslateMessage
DispatchMessageA
msvcrt
fopen
fgets
Sections
.data Size: 5KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1024B - Virtual size: 1024B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ