??4_Init_locks@std@@QAEAAV01@ABV01@@Z
Static task
static1
Behavioral task
behavioral1
Sample
9765a68f2ffcc2b736e07f4c6e701d8609f4019ed144611ddea52411f984bb85.exe
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
9765a68f2ffcc2b736e07f4c6e701d8609f4019ed144611ddea52411f984bb85.exe
Resource
win10v2004-20221111-en
General
-
Target
9765a68f2ffcc2b736e07f4c6e701d8609f4019ed144611ddea52411f984bb85
-
Size
1.7MB
-
MD5
9878236c9dba75a0979b5f22e21b6640
-
SHA1
a4e7772bec8bb4d2db4f34d89f7aacf6ce5a8b25
-
SHA256
9765a68f2ffcc2b736e07f4c6e701d8609f4019ed144611ddea52411f984bb85
-
SHA512
e792ed2082359276eee5a5a14af9dbbf9c2a8a761fcaf02a56cc5cc4bab07fbc24329d0651a1c7ac86edf0246e75365a491208891fd7b44a6d02167192477b74
-
SSDEEP
24576:tVJcGB24ohvvbLktkjShH//yf6vqPhntHtq2iO8V9LLaFfwxLP15r3zuh5EeDuKQ:trcG9pM6uYV9L60LdJDuQEuOUVVb
Malware Config
Signatures
Files
-
9765a68f2ffcc2b736e07f4c6e701d8609f4019ed144611ddea52411f984bb85.exe windows x86
481cc976b801202d02d3d4b7b1f00304
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
shlwapi
PathFileExistsW
PathRemoveFileSpecW
PathRemoveFileSpecA
ws2_32
htons
htonl
kernel32
GetCurrentDirectoryW
GlobalLock
WideCharToMultiByte
MultiByteToWideChar
GlobalUnlock
GetProcAddress
CreateFileA
SetFilePointer
ReadFile
GetFileAttributesW
GetPrivateProfileSectionNamesW
GetPrivateProfileStringW
GetPrivateProfileSectionW
GlobalAlloc
Sleep
CreateMutexW
GetTickCount
WriteFile
InitializeCriticalSection
OpenProcess
LeaveCriticalSection
TerminateProcess
CreateFileW
GetFileSizeEx
EnterCriticalSection
Process32FirstW
Process32NextW
CreateToolhelp32Snapshot
DeleteCriticalSection
GetFileSize
FindFirstFileW
CreatePipe
DuplicateHandle
CreateEventW
GetModuleFileNameW
WaitForSingleObject
FindClose
FindNextFileW
GetLogicalDriveStringsW
GetDiskFreeSpaceExW
SetFileAttributesW
SetFilePointerEx
GetCurrentProcess
CreateProcessW
PeekNamedPipe
LockResource
SizeofResource
LoadResource
FindResourceW
DeleteFileA
LocalFree
DeleteFileW
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
GetModuleHandleW
lstrlenW
FreeResource
ExitProcess
InterlockedIncrement
InterlockedDecrement
MulDiv
DosDateTimeToFileTime
SystemTimeToFileTime
GetFileType
InterlockedExchange
InterlockedCompareExchange
GetStartupInfoA
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
QueryPerformanceCounter
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
GlobalFree
GetLocalTime
CreateThread
FreeLibrary
LoadLibraryW
WinExec
CloseHandle
GetLastError
FormatMessageW
GetModuleFileNameA
user32
RegisterClassW
GetClassInfoExW
RegisterClassExW
CallWindowProcW
SetPropW
GetPropW
LoadIconW
GetMonitorInfoW
MonitorFromWindow
SetWindowRgn
MoveWindow
SetForegroundWindow
FillRect
DrawTextW
SetRect
CharPrevW
ShowCaret
HideCaret
GetSysColor
GetCaretPos
GetWindowRgn
InvalidateRgn
CreateAcceleratorTableW
SetWindowTextW
IsIconic
IsRectEmpty
GetUpdateRect
EndPaint
BeginPaint
SetFocus
GetWindow
GetKeyState
GetFocus
CreateCaret
SetCaretPos
GetCaretBlinkTime
SetTimer
KillTimer
DestroyWindow
MapWindowPoints
CreateWindowExW
GetCursorPos
GetMessageW
TranslateMessage
DispatchMessageW
IsWindow
wsprintfW
MessageBoxW
ShowWindow
FindWindowW
SetWindowLongW
GetWindowLongW
LoadImageW
SystemParametersInfoW
EnableWindow
GetClientRect
PostQuitMessage
ScreenToClient
ClientToScreen
InvalidateRect
IntersectRect
GetWindowRect
DefWindowProcW
wvsprintfW
InflateRect
SetWindowPos
IsZoomed
CharLowerW
PostMessageW
OffsetRect
DrawIconEx
LoadCursorW
SetCursor
CharNextW
GetParent
ReleaseCapture
SetCapture
GetDC
ReleaseDC
GetWindowTextLengthW
PtInRect
GetWindowTextW
GetSystemMetrics
SendMessageW
UpdateLayeredWindow
gdi32
SetWindowOrgEx
GetTextMetricsW
SetStretchBltMode
CreateCompatibleBitmap
CreateCompatibleDC
SelectObject
Rectangle
RestoreDC
SaveDC
CreateDIBSection
DeleteDC
RoundRect
LineTo
MoveToEx
CreatePenIndirect
DeleteObject
CombineRgn
ExtSelectClipRgn
CreateRectRgnIndirect
GetClipBox
SelectClipRgn
CreateRoundRectRgn
CreateSolidBrush
SetBkMode
SetTextColor
SetBkColor
GetCharABCWidthsW
GetTextExtentPoint32W
BitBlt
TextOutW
GetDeviceCaps
GetPixel
SetPixel
CreateRectRgn
PtInRegion
CreatePen
CreateFontIndirectW
GetStockObject
StretchBlt
GetObjectW
shell32
ord165
SHBrowseForFolderW
SHGetPathFromIDListW
ShellExecuteA
ShellExecuteW
SHGetSpecialFolderPathW
CommandLineToArgvW
Shell_NotifyIconW
ole32
OleSetContainedObject
CoCreateInstance
CoInitialize
OleUninitialize
OleInitialize
CoUninitialize
OleLockRunning
CLSIDFromString
CLSIDFromProgID
CreateStreamOnHGlobal
oleaut32
SysFreeString
SysAllocString
VariantClear
VariantInit
msvcp90
?open@?$basic_ofstream@DU?$char_traits@D@std@@@std@@QAEXPB_WHH@Z
??0?$basic_ofstream@DU?$char_traits@D@std@@@std@@QAE@XZ
?close@?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAEXXZ
?open@?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAEXPB_WHH@Z
??0?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAE@XZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??Y?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@ABV01@@Z
?substr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV12@II@Z
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIABV12@I@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??_D?$basic_ofstream@DU?$char_traits@D@std@@@std@@QAEXXZ
??_D?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ
??_D?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAEXXZ
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@0@Z
?close@?$basic_ofstream@DU?$char_traits@D@std@@@std@@QAEXXZ
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@PBD@Z
?clear@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ
??$?9_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z
??$?8_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z
?find@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIABV12@I@Z
?replace@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@IIABV12@@Z
?replace@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@IIABV12@@Z
?rfind@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEI_WI@Z
?end@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE?AV?$_String_iterator@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@2@XZ
?begin@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE?AV?$_String_iterator@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@2@XZ
?find_last_not_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIABV12@I@Z
?find_first_not_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIABV12@I@Z
?erase@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@II@Z
??A?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAADI@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBD@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?uncaught_exception@std@@YA_NXZ
?sputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEHPB_WH@Z
?_Osfx@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEXXZ
?_Lock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEXXZ
?_Unlock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEXXZ
?sputc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEG_W@Z
?str@?$basic_stringstream@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBE?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@2@XZ
??0?$basic_stringstream@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@H@Z
?flush@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV12@XZ
?setstate@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QAEXH_N@Z
??_D?$basic_stringstream@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXXZ
??0?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@H@Z
?str@?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ
??$?6DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
?find@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEI_WI@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
?swap@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXAAV12@@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
??Y?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
?find@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIPB_WI@Z
?substr@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBE?AV12@II@Z
??$?M_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z
?npos@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@2IB
??$?H_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@ABV10@PB_W@Z
??$?H_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@ABV10@0@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_W@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV01@@Z
??1?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@ABV01@@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
?swap@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXAAV12@@Z
??0_Lockit@std@@QAE@H@Z
??1_Lockit@std@@QAE@XZ
?deallocate@?$allocator@D@std@@QAEXPADI@Z
?allocate@?$allocator@D@std@@QAEPADI@Z
?_Xbad@tr1@std@@YAXW4error_type@regex_constants@12@@Z
?id@?$ctype@D@std@@2V0locale@2@A
?_Xmem@tr1@std@@YAXXZ
??$?8DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
?id@?$collate@D@std@@2V0locale@2@A
?_Getcat@?$collate@D@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?transform@?$collate@D@std@@QBE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@2@PBD0@Z
?end@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV?$_String_const_iterator@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ
?begin@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV?$_String_const_iterator@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ
?end@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE?AV?$_String_iterator@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ
?begin@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE?AV?$_String_iterator@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ID@Z
?_Getcat@?$ctype@D@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?tolower@?$ctype@D@std@@QBEPBDPADPBD@Z
?tolower@?$ctype@D@std@@QBEDD@Z
?_Getfacet@locale@std@@QBEPBVfacet@12@I@Z
??1locale@std@@QAE@XZ
??0locale@std@@QAE@XZ
?_Incref@facet@locale@std@@QAEXXZ
??Bid@locale@std@@QAEIXZ
?_Decref@facet@locale@std@@QAEPAV123@XZ
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBDABV10@@Z
??$?H_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@PB_WABV10@@Z
gdiplus
GdipDeleteBrush
GdipFree
GdipAlloc
GdipFillRectangleI
GdipImageGetFrameDimensionsCount
GdipImageGetFrameDimensionsList
GdipImageGetFrameCount
GdipCreateSolidFill
GdipGetPropertyItem
GdipGetImageWidth
GdipGetImageHeight
GdipDisposeImage
GdipCloneImage
GdipDrawImageRectI
GdipImageSelectActiveFrame
GdipLoadImageFromStream
GdipGetPropertyItemSize
GdiplusStartup
GdiplusShutdown
GdipDeleteGraphics
GdipCreateFromHDC
msvcr90
_wtof
wcsncmp
iswalnum
_gmtime64
??0bad_cast@std@@QAE@PBD@Z
??0bad_cast@std@@QAE@ABV01@@Z
??1bad_cast@std@@UAE@XZ
exit
_unlock
__dllonexit
_encode_pointer
_lock
_onexit
_decode_pointer
__CxxFrameHandler3
?terminate@@YAXXZ
_amsg_exit
__getmainargs
_cexit
_exit
_XcptFilter
_ismbblead
_acmdln
_initterm
_initterm_e
_configthreadlocale
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler4_common
_crt_debugger_hook
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_invoke_watson
_controlfp_s
calloc
_wcslwr
__RTDynamicCast
wcstoul
toupper
wcscpy_s
_recalloc
memset
memmove
_wtoi
_atoi64
strrchr
vswprintf_s
fprintf
_localtime64
isdigit
wcstol
wcsstr
wcsrchr
strchr
malloc
free
wprintf
memmove_s
_wtoi64
_wsplitpath
_vswprintf
_wfopen
fflush
_swprintf
fwprintf
wcsncpy_s
wcschr
_beginthreadex
_purecall
_wcsicmp
ceil
strstr
fclose
isalpha
fopen
sprintf
??_V@YAXPAX@Z
wcsncpy
??2@YAPAXI@Z
printf
_invalid_parameter_noinfo
??0exception@std@@QAE@ABV01@@Z
??0exception@std@@QAE@ABQBD@Z
??0exception@std@@QAE@XZ
??1exception@std@@UAE@XZ
?what@exception@std@@UBEPBDXZ
??3@YAXPAX@Z
_memicmp
_stricmp
_strnicmp
_wcsnicmp
abort
_CxxThrowException
memcpy
_CIsqrt
_CIcos
_CIsin
realloc
d3d9
Direct3DCreate9
wininet
InternetCloseHandle
HttpQueryInfoW
InternetOpenW
InternetReadFile
InternetOpenUrlW
winmm
timeGetTime
timeSetEvent
timeBeginPeriod
timeGetDevCaps
timeEndPeriod
timeKillEvent
comctl32
ord17
_TrackMouseEvent
imm32
ImmGetContext
ImmSetCompositionWindow
ImmReleaseContext
Exports
Sections
.text Raw size: 766KB - Virtual size: 766KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Raw size: 136KB - Virtual size: 135KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Raw size: 15KB - Virtual size: 31KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Raw size: 738KB - Virtual size: 737KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Raw size: 63KB - Virtual size: 62KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ