Static task
static1
Behavioral task
behavioral1
Sample
f0c06346422d9f257f2f8a5c794f1d4a9f129bdd105c9c57ea5c462daf964ab3.exe
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
f0c06346422d9f257f2f8a5c794f1d4a9f129bdd105c9c57ea5c462daf964ab3.exe
Resource
win10v2004-20220812-en
General
-
Target
f0c06346422d9f257f2f8a5c794f1d4a9f129bdd105c9c57ea5c462daf964ab3
-
Size
303KB
-
MD5
3e3770c7f391d6caf3fa5bcb01c53ef0
-
SHA1
f3dcdc70de182210436c55768561f5f442285929
-
SHA256
f0c06346422d9f257f2f8a5c794f1d4a9f129bdd105c9c57ea5c462daf964ab3
-
SHA512
94791a0ac996656bfa29a811a00cf0f4866e2680aa04122a2a058a7f56185206212132cd5c784e95df085c14133638bc5d103df3001bbdd5673882b6c183becc
-
SSDEEP
6144:CYaqtgtTt4N79W8dArELfIVNKVf8aFlikHLja+xC:CYaqtgth4x93qrETIVNKFPLjJ8
Malware Config
Signatures
Files
-
f0c06346422d9f257f2f8a5c794f1d4a9f129bdd105c9c57ea5c462daf964ab3.exe windows x86
257b28c2aca84f1e5c2df5d66e37bad6
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
Sleep
WriteFileEx
CreateDirectoryA
GetPrivateProfileIntA
WaitForSingleObject
LoadLibraryA
GetExitCodeProcess
InterlockedDecrement
GetDiskFreeSpaceW
GetPrivateProfileIntA
GetFileAttributesA
InterlockedIncrement
Sleep
GetDiskFreeSpaceW
lstrcpyW
FindResourceW
VirtualAllocEx
Sleep
lstrcmpA
GetLongPathNameA
GetPrivateProfileSectionA
ExitProcess
SetEnvironmentVariableA
apphelp
ApphelpCheckIME
SdbCreateMsiTransformFile
ApphelpCheckExe
AllowPermLayer
Sections
.text Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rss Size: 298KB - Virtual size: 297KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ