Static task: static1
Behavioral task: behavioral1
Sample: dca16a0e7bdc4968f1988c2d38db133a0e742edf702c923b4f4a3c2f3bdaacf5.exe
Resource: win7-20221111-en
Behavioral task: behavioral2
Sample: dca16a0e7bdc4968f1988c2d38db133a0e742edf702c923b4f4a3c2f3bdaacf5.exe
Resource: win10v2004-20220812-en
General
Target: 8662276816.zip
Size: 103KB
MD5: 94a047a183b3e6cf1bf4fcb4ef946de8
SHA1: 1fdeefd1fe8a888f6e7ade12f69b334a90485c26
SHA256: 988ac9e194dbe48358cb0bc14bb0872b7fb483c4dfdb9ab55d1f0e7f385f52be
SHA512: 9c9cfc11d3531e1cc549a30fdba44330e585b95d6fe81c77a089e5675dd5042337454d7eac9da6233ddb36a55eb2881659c3b8ad8d1ab5927def6e0d35fa64e5
SSDEEP: 1536:XUejdBEsAw5nL0980WUB3QZwdMcn8Duu+Mz5f2QzyVLh/cPTVpHqI8t/1Onwn:Z5Oxw5nLO80WUBNdM1zkVLpi3Hp8twW
Malware Config
Signatures
Files
8662276816.zip.zip
Password: infected
dca16a0e7bdc4968f1988c2d38db133a0e742edf702c923b4f4a3c2f3bdaacf5.exe windows x86
94c0b269c3199cdb46193be30d20c93b
Headers
DLL Characteristics
  IMAGE_DLLCHARACTERISTICS_NX_COMPAT
  IMAGE_DLLCHARACTERISTICS_NO_SEH
  IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
  IMAGE_FILE_RELOCS_STRIPPED
  IMAGE_FILE_EXECUTABLE_IMAGE
  IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
  GetProcessHeap
  IsBadCodePtr
  GetModuleHandleA
  VirtualQuery
  GetSystemInfo
  IsBadReadPtr
  HeapCreate
  ExitProcess
  GetCommandLineA
  IsBadStringPtrA
  InterlockedIncrement
  GetQueuedCompletionStatus
  GetLastError
  CloseHandle
  CreateIoCompletionPort
  GetTickCount
  HeapFree
  HeapReAlloc
  HeapAlloc
  lstrlenA
  HeapDestroy
user32
  IsDialogMessageW
  ShowWindow
  CreateDialogParamW
  DrawTextW
  PeekMessageW
  TranslateMessage
  DispatchMessageW
gdi32
  CreatePen
  CreateCompatibleDC
  CreateCompatibleBitmap
  CreateRectRgn
  BitBlt
  DeleteObject
  DeleteDC
  CreateBitmap
ole32
  CoUninitialize
  CoInitializeEx
  CreateStreamOnHGlobal
  CoTaskMemFree
  CoTaskMemAlloc
shell32
  DragAcceptFiles
  DragFinish
  DragQueryFileW
  CommandLineToArgvW
comctl32
  _TrackMouseEvent
  InitCommonControlsEx
msimg32
  AlphaBlend
  GradientFill
winmm
  timeGetTime
  timeEndPeriod
  timeBeginPeriod
winspool.drv
  ClosePrinter
  DocumentPropertiesA
  OpenPrinterA
Sections
.text Size: 12KB - Virtual size: 11KB
  IMAGE_SCN_CNT_CODE
  IMAGE_SCN_MEM_EXECUTE
  IMAGE_SCN_MEM_READ
.rdata Size: 136KB - Virtual size: 135KB
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 236B
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_READ
  IMAGE_SCN_MEM_WRITE