Static task
static1
Behavioral task
behavioral1
Sample
a8f208d2304a92dd599eb72739e9028f193fe71a897edb819dbaccc9b47729ae.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
a8f208d2304a92dd599eb72739e9028f193fe71a897edb819dbaccc9b47729ae.exe
Resource
win10v2004-20220901-en
General
Target
a8f208d2304a92dd599eb72739e9028f193fe71a897edb819dbaccc9b47729ae
Size
40KB
MD5
ed3ea010d40a464485588c093a50af9a
SHA1
8b2a4601965a891ec5546ac99eda8ab97b7443d8
SHA256
a8f208d2304a92dd599eb72739e9028f193fe71a897edb819dbaccc9b47729ae
SHA512
56f5e6255a465059038b11333f041126a67ed4618870bfd5a88fcb2e27cb8bde3eed86f2a1b12ba2ea5df25e054827c062d559287124886d2e296f1c962ea61e
SSDEEP
384:KmSBb3AD5lgc+sSGCDoRET3PUfD90yCJUL7CmJo2k:KmrD39+sSRG6Q0PU//Jo2k
Files
a8f208d2304a92dd599eb72739e9028f193fe71a897edb819dbaccc9b47729ae.exe windows x86
510c175773b3c732752c46a874e42607
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
CreateMutexA
LCMapStringA
LoadLibraryA
GetProcAddress
HeapReAlloc
VirtualAlloc
HeapAlloc
GetOEMCP
GetLastError
GetCPInfo
GetStringTypeW
GetStringTypeA
MultiByteToWideChar
WriteFile
RtlUnwind
HeapFree
VirtualFree
HeapCreate
HeapDestroy
GetModuleFileNameA
CreateThread
GetACP
Sleep
ExitProcess
TerminateProcess
GetCurrentProcess
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetEnvironmentVariableA
GetVersionExA
LCMapStringW
wsock32
sendto
bind
listen
socket
inet_ntoa
connect
ioctlsocket
gethostbyname
htons
getsockname
accept
select
__WSAFDIsSet
recv
send
closesocket
WSAStartup
WSACleanup
advapi32
RegSetValueExA
RegCloseKey
RegCreateKeyExA
Sections
.text Size: 20KB - Virtual size: 16KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 12KB - Virtual size: 10KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE