Static task
static1
Behavioral task
behavioral1
Sample
94cbb772b357abecc03cd50b866bf17bfd6f94b4c171de25615c28ddf429a1f1.exe
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
94cbb772b357abecc03cd50b866bf17bfd6f94b4c171de25615c28ddf429a1f1.exe
Resource
win10v2004-20221111-en
General
Target
94cbb772b357abecc03cd50b866bf17bfd6f94b4c171de25615c28ddf429a1f1
Size
121KB
MD5
236f2835f493b65f999173f1814c2483
SHA1
0a1913dead09dd8131822925c3d9b3c74bce8478
SHA256
94cbb772b357abecc03cd50b866bf17bfd6f94b4c171de25615c28ddf429a1f1
SHA512
01cc968936fb7c4f141bed7fdc29b280168851f33bdb14effe1453d7c3ff65f37a18b57bf89c0aab41c3a948469cb9699b13f6250a8dc5fc7896cc6507351b75
SSDEEP
1536:6q+K/eDy4yZjj5InlElGddCifOw+kQGf676y7OSSovbl33+G/GE4:6hK/SVqLl6FJQO6+y7pSWl3TGE4
Malware Config
Signatures
Files
94cbb772b357abecc03cd50b866bf17bfd6f94b4c171de25615c28ddf429a1f1.exe windows x86
bdea1d619c0f5736281df2dfee8ebf3e
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
user32
DefWindowProcA
SetWindowLongA
GetSysColor
GetClassLongA
GetActiveWindow
GetMenuItemCount
GetClientRect
GetScrollRange
ShowWindow
GetMenuStringA
GetFocus
GetDesktopWindow
GetPropA
kernel32
ExitThread
GetVersion
LoadLibraryExA
SizeofResource
Sleep
HeapFree
GetStdHandle
GlobalDeleteAtom
GetCurrentThreadId
GetEnvironmentStrings
InitializeCriticalSection
GetCPInfo
WriteFile
lstrcpynA
RaiseException
MoveFileExA
SetFilePointer
GetStringTypeW
GetOEMCP
GetCurrentProcess
FreeLibrary
CloseHandle
WaitForSingleObject
GetStartupInfoA
MoveFileA
GetTickCount
DeleteFileA
LockResource
GetACP
MulDiv
lstrcmpiA
GetFileSize
GetUserDefaultLCID
DeleteCriticalSection
SetErrorMode
FindClose
lstrcpyA
GetStringTypeA
GetFileType
FormatMessageA
GlobalAddAtomA
GetCurrentProcessId
GlobalFindAtomA
GetLastError
GetVersionExA
GetCurrentThread
EnterCriticalSection
LocalFree
ExitProcess
EnumCalendarInfoA
VirtualQuery
HeapDestroy
VirtualAllocEx
GetDateFormatA
SetThreadLocale
CreateThread
lstrcmpA
VirtualFree
CompareStringA
ReadFile
GetProcessHeap
CreateEventA
lstrlenA
WideCharToMultiByte
FindFirstFileA
lstrcatA
GetDiskFreeSpaceA
GetModuleFileNameA
GetLocaleInfoA
GetCommandLineA
GetThreadLocale
GetProcAddress
GetModuleHandleA
SetEvent
LoadResource
CreateFileA
LoadLibraryA
GetFileAttributesA
LocalAlloc
FreeResource
VirtualAlloc
GlobalAlloc
LocalReAlloc
FindResourceA
HeapAlloc
GetFullPathNameA
GetLocalTime
SetHandleCount
msvcrt
pow
strlen
calloc
_acmdln
tolower
log10
fabs
strcmp
memcpy
Sections
CODE Size: 111KB - Virtual size: 110KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
DATA Size: 512B - Virtual size: 342B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE