Static task
static1

Behavioral task
behavioral1
Sample: 3db5ae68b6d38e60ac83662dfcc1622ccea1c2f953cb692d95cb8c5ba0da127f.exe
Resource: win7-20220901-en

Behavioral task
behavioral2
Sample: 3db5ae68b6d38e60ac83662dfcc1622ccea1c2f953cb692d95cb8c5ba0da127f.exe
Resource: win10v2004-20220901-en

General
Target: 3db5ae68b6d38e60ac83662dfcc1622ccea1c2f953cb692d95cb8c5ba0da127f
Size: 5.4MB
MD5: af0d2e04ebd2664f2b99ea0da6af2d57
SHA1: 183290a7fb4e9fdfcefb9fc841ce069d80f936b2
SHA256: 3db5ae68b6d38e60ac83662dfcc1622ccea1c2f953cb692d95cb8c5ba0da127f
SHA512: 5df20d7120e79282cf7ede5f7c14824920c61b8aba94c78043f1a9222cfd7645e1fc5913bea41826aa541aeedd4def1d00c22b3968afb9cacba147eb7cad0642
SSDEEP: 98304:4E5RKWZ5iRfiJT51vX7etzz6SIy8i9h7nskTHuk0IWN8ml:44RKzfiJT5MFIy8Vsc8M
Malware Config
Signatures
Files
3db5ae68b6d38e60ac83662dfcc1622ccea1c2f953cb692d95cb8c5ba0da127f.exe windows x86
28dda0731a1ef3786274fb7a69790ff8
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
LockResource
LoadResource
SizeofResource
FindResourceW
CreateThread
InterlockedIncrement
InterlockedDecrement
lstrcmpiW
GetCommandLineW
GetDiskFreeSpaceExW
OutputDebugStringW
WaitForMultipleObjects
GetStdHandle
GetFileInformationByHandle
GetSystemInfo
GetCurrentProcess
GetProcessAffinityMask
GlobalMemoryStatus
FileTimeToSystemTime
FileTimeToLocalFileTime
SetFilePointer
SetEndOfFile
ReadFile
WriteFile
GetFileSize
FindCloseChangeNotification
FindFirstChangeNotificationW
FindNextFileW
FindFirstFileW
GetModuleHandleA
GetLogicalDriveStringsW
FindClose
MoveFileExW
MoveFileW
DeleteFileW
GetFileAttributesW
SetFileAttributesW
CreateFileW
RemoveDirectoryW
CreateDirectoryW
GetCurrentDirectoryW
SetCurrentDirectoryW
GetWindowsDirectoryW
GetTempPathW
SetFileTime
SetLastError
GetCurrentThreadId
GetCurrentProcessId
FormatMessageW
LocalFree
GetModuleFileNameW
LoadLibraryW
FreeLibrary
WideCharToMultiByte
MultiByteToWideChar
CreateSemaphoreW
CreateEventW
CloseHandle
WaitForSingleObject
ReleaseSemaphore
ResetEvent
SetEvent
InitializeCriticalSection
GetSystemDirectoryW
LoadLibraryExW
lstrlenW
lstrcatW
GetVersionExW
VirtualFree
VirtualAlloc
GetVolumeInformationW
GetDiskFreeSpaceW
GetDriveTypeW
GetModuleHandleW
GetProcAddress
Sleep
CompareFileTime
GetTickCount
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
WriteConsoleW
ReadConsoleW
SetStdHandle
OutputDebugStringA
SetEnvironmentVariableW
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetOEMCP
IsValidCodePage
FindNextFileA
FindFirstFileExW
GetLastError
RaiseException
DecodePointer
FindFirstFileExA
GetTimeZoneInformation
SetConsoleCtrlHandler
GetStringTypeW
EncodePointer
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetSystemTimeAsFileTime
CompareStringW
LCMapStringW
GetLocaleInfoW
GetCPInfo
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
WaitForSingleObjectEx
IsDebuggerPresent
GetStartupInfoW
QueryPerformanceCounter
InitializeSListHead
GetACP
VerSetConditionMask
VerifyVersionInfoW
FreeResource
ExitProcess
MulDiv
OpenProcess
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
GetFileType
DuplicateHandle
SystemTimeToFileTime
DosDateTimeToFileTime
GetLocalTime
LocalAlloc
GetExitCodeProcess
ReadProcessMemory
lstrcpyW
CreateProcessW
BeginUpdateResourceW
UpdateResourceW
EndUpdateResourceW
WritePrivateProfileStringW
CopyFileW
GetTimeFormatW
GetDateFormatW
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
QueryDosDeviceW
RtlUnwind
InterlockedPushEntrySList
InterlockedFlushSList
ExitThread
ResumeThread
FreeLibraryAndExitThread
GetModuleHandleExW
HeapAlloc
HeapReAlloc
HeapFree
GetModuleFileNameA
GetCurrentThread
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
FlushFileBuffers
GetConsoleCP
GetConsoleMode
SetFilePointerEx
HeapSize
GetProcessHeap
user32
GetClientRect
AdjustWindowRectEx
GetParent
GetWindow
LoadCursorW
LoadImageW
MonitorFromWindow
GetMonitorInfoW
SetCursor
InflateRect
UnionRect
OffsetRect
UpdateLayeredWindow
SetCapture
GetDC
ReleaseDC
BeginPaint
EndPaint
GetUpdateRect
GetCursorPos
MapWindowPoints
IsRectEmpty
PtInRect
UpdateWindow
IntersectRect
IsIconic
SetWindowRgn
CharPrevW
DrawTextW
FillRect
SetRect
GetDesktopWindow
MonitorFromPoint
GetWindowRgn
OpenClipboard
CloseClipboard
SetClipboardData
EmptyClipboard
CreateCaret
HideCaret
ShowCaret
GetPropW
GetCaretPos
ClientToScreen
GetSysColor
CreateAcceleratorTableW
SetPropW
AttachThreadInput
GetClipboardData
IsClipboardFormatAvailable
CharLowerW
keybd_event
GetForegroundWindow
FindWindowExW
GetClassNameW
GetWindowThreadProcessId
DestroyIcon
GetIconInfo
FindWindowW
EnumDisplayMonitors
SetForegroundWindow
GetMenu
GetSystemMetrics
MsgWaitForMultipleObjects
BringWindowToTop
PostMessageW
UnregisterClassW
IsWindowVisible
SetWindowPos
DestroyWindow
IsWindow
GetClassInfoExW
RegisterClassExW
RegisterClassW
DefWindowProcW
PeekMessageW
DispatchMessageW
CharNextW
PostQuitMessage
KillTimer
SetTimer
ReleaseCapture
IsZoomed
MessageBoxW
CharPrevExA
GetWindowTextLengthW
GetWindowTextW
LoadStringW
wsprintfW
CreateWindowExW
CallWindowProcW
SystemParametersInfoW
MapDialogRect
SetWindowLongW
GetWindowLongW
GetDialogBaseUnits
DialogBoxParamW
CreateDialogParamW
CharUpperW
ScreenToClient
GetWindowRect
SetWindowTextW
InvalidateRect
EnableWindow
GetKeyState
GetFocus
SetFocus
SetDlgItemTextW
GetDlgItem
EndDialog
MoveWindow
TranslateMessage
GetMessageW
InvalidateRgn
SendMessageW
ShowWindow
SetCaretPos
gdi32
CreateDIBSection
GetObjectW
SetWindowOrgEx
CreateDCW
GetDIBits
DeleteObject
GetTextMetricsW
CreateRoundRectRgn
GetObjectA
CombineRgn
CreatePenIndirect
CreateRectRgnIndirect
CreateSolidBrush
GetCharABCWidthsW
GetClipBox
GetTextExtentPoint32W
LineTo
SelectClipRgn
ExtSelectClipRgn
SetBkColor
SetBkMode
StretchBlt
SetStretchBltMode
SetTextColor
MoveToEx
TextOutW
GdiFlush
GetDeviceCaps
CreateRectRgn
PtInRegion
SelectObject
SaveDC
RestoreDC
Rectangle
GetStockObject
DeleteDC
CreatePen
CreateFontIndirectW
CreateCompatibleDC
CreateCompatibleBitmap
BitBlt
CreateICW
comdlg32
GetOpenFileNameW
GetSaveFileNameW
CommDlgExtendedError
advapi32
RegQueryValueExW
RegQueryInfoKeyW
RegSetValueExW
RegOpenKeyW
RegEnumKeyW
RegCreateKeyExA
DuplicateTokenEx
CreateProcessAsUserW
LookupAccountSidW
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
SetTokenInformation
GetTokenInformation
OpenProcessToken
RegCloseKey
RegCreateKeyExW
RegDeleteKeyW
RegDeleteValueW
RegEnumKeyExW
RegOpenKeyExW
shell32
ShellExecuteExW
SHGetSpecialFolderPathW
SHGetSpecialFolderLocation
ord75
SHFileOperationW
ShellExecuteW
SHGetFileInfoW
DragQueryFileW
DragFinish
SHGetMalloc
SHGetPathFromIDListW
SHBrowseForFolderW
ole32
CoUninitialize
CoTaskMemAlloc
CoTaskMemRealloc
CoTaskMemFree
OleInitialize
CoInitialize
CoCreateInstance
RegisterDragDrop
RevokeDragDrop
CreateStreamOnHGlobal
CoCreateGuid
OleLockRunning
CLSIDFromProgID
CLSIDFromString
oleaut32
VariantInit
VariantCopy
SysFreeString
VarUI4FromStr
SysStringLen
SysAllocString
SysAllocStringLen
VariantClear
gdiplus
GdipCloneImage
GdipDisposeImage
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipCreateFromHDC
GdipDeleteGraphics
GdipDrawImageRectI
GdipCloneBrush
GdipDeleteBrush
GdipCreateSolidFill
GdipSetTextRenderingHint
GdipCreateFontFromDC
GdipCreateFontFromLogfontA
GdipDeleteFont
GdipDrawString
GdipMeasureString
GdipCreateStringFormat
GdipDeleteStringFormat
GdipSetStringFormatFlags
GdipSetStringFormatAlign
GdipSetStringFormatLineAlign
GdipSetStringFormatTrimming
GdipCreatePath
GdipDeletePath
GdipAddPathLineI
GdipAddPathArcI
GdipCreatePen1
GdipDeletePen
GdipFree
GdipGetImageGraphicsContext
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
GdipSetCompositingMode
GdipSetCompositingQuality
GdipSetSmoothingMode
GdipSetPixelOffsetMode
GdipSetInterpolationMode
GdipDrawRectangleI
GdipDrawPath
GdipFillRectangleI
GdipDrawImageRectRect
GdipCreateFontFamilyFromName
GdipDeleteFontFamily
GdipGetGenericFontFamilySansSerif
GdipCreateFont
GdipStringFormatGetGenericTypographic
GdipCloneStringFormat
GdiplusStartup
GdiplusShutdown
GdipCreateLineBrushI
GdipLoadImageFromStream
GdipLoadImageFromStreamICM
GdipImageGetFrameDimensionsCount
GdipImageGetFrameDimensionsList
GdipImageGetFrameCount
GdipImageSelectActiveFrame
GdipGetPropertyItemSize
GdipGetPropertyItem
GdipDrawArcI
GdipCreateBitmapFromStream
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromHBITMAP
GdipAlloc
GdipSetPenMode
GdipCreateHBITMAPFromBitmap
shlwapi
PathRemoveBackslashW
PathFileExistsW
PathIsRootW
ord219
wnsprintfW
PathRemoveFileSpecW
SHGetValueW
PathAddBackslashW
PathQuoteSpacesW
comctl32
_TrackMouseEvent
ord17
psapi
GetModuleFileNameExW
EnumProcesses
imm32
ImmGetContext
ImmReleaseContext
ImmSetCompositionWindow
userenv
DestroyEnvironmentBlock
CreateEnvironmentBlock
version
GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW
Sections
.text   Size: 1.1MB - Virtual size: 1.1MB   Flags: IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.rdata  Size: 271KB - Virtual size: 270KB   Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.data   Size: 17KB - Virtual size: 52KB     Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.gfids  Size: 2KB - Virtual size: 2KB       Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.tls    Size: 512B - Virtual size: 9B       Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rsrc   Size: 550KB - Virtual size: 550KB   Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.reloc  Size: 64KB - Virtual size: 63KB     Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ