Static task: static1
Behavioral task: behavioral1
  Sample: 4a452159c823d3e7d78ea7a4dba24e0b4a43ab72b9e499d69e85eff1bd675566.exe
  Resource: win7-20221111-en
Behavioral task: behavioral2
  Sample: 4a452159c823d3e7d78ea7a4dba24e0b4a43ab72b9e499d69e85eff1bd675566.exe
  Resource: win10v2004-20220812-en
General
Target: 4a452159c823d3e7d78ea7a4dba24e0b4a43ab72b9e499d69e85eff1bd675566
Size: 1.8MB
MD5: 258dbda919c4f1cfdbc5ecb1beca2e58
SHA1: ab8e17340a69aa43e2ba0964107dc4c6bfcdbc38
SHA256: 4a452159c823d3e7d78ea7a4dba24e0b4a43ab72b9e499d69e85eff1bd675566
SHA512: 94f35c800855db631925f807e25ab8904f5f3f3a7df54ae29f6c912d096eb0a694a8f2cfcc74bd8223ae14c74965d3529030e1633025aab33c90aefe2384362b
SSDEEP: 49152:9uHuE8C/CBYWlcifTjnbw5eZMZoQa7ZvHyXXkw+vWc9H:FBYnif3nckZK8H8U7+c
Malware Config
Signatures
Files
-
4a452159c823d3e7d78ea7a4dba24e0b4a43ab72b9e499d69e85eff1bd675566.exe (windows x86)
e6584686fea76743fc07d36904068478
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
shlwapi
PathFileExistsW
PathRemoveFileSpecW
wininet
InternetReadFile
InternetCloseHandle
InternetOpenUrlW
HttpQueryInfoW
InternetOpenW
kernel32
DeleteCriticalSection
SetFilePointer
FileTimeToSystemTime
GetPrivateProfileSectionNamesW
GetPrivateProfileStringW
WritePrivateProfileStringW
GetPrivateProfileSectionW
PeekNamedPipe
CreateProcessW
GetCurrentProcess
WaitForSingleObject
GetExitCodeProcess
GetModuleFileNameW
CreateEventW
CreatePipe
DuplicateHandle
GetCurrentDirectoryW
FormatMessageW
LocalFree
FindResourceExW
FindResourceW
LoadResource
SizeofResource
LockResource
GetProcAddress
GetModuleHandleW
Process32FirstW
GetDiskFreeSpaceW
EnterCriticalSection
MultiByteToWideChar
TerminateProcess
LeaveCriticalSection
OpenProcess
InitializeCriticalSection
SystemTimeToFileTime
CreateMutexW
GetVolumeInformationW
GetDiskFreeSpaceExW
VirtualAlloc
VirtualFree
LoadLibraryW
FreeLibrary
CreateFileA
GetFileTime
FindNextFileW
FindClose
MoveFileW
FindFirstFileW
GetFileSize
GetModuleHandleA
FlushFileBuffers
DeleteFileW
GetLocalTime
GetFileAttributesW
SetFileTime
DosDateTimeToFileTime
MulDiv
FreeResource
CreateToolhelp32Snapshot
GetProcessHeap
SetEndOfFile
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
GetLocaleInfoW
SetStdHandle
GetConsoleMode
GetConsoleCP
InitializeCriticalSectionAndSpinCount
LoadLibraryA
WideCharToMultiByte
CreateDirectoryW
GetFileSizeEx
CreateThread
GetSystemTime
GlobalFree
Sleep
GlobalAlloc
GetDateFormatA
GetTimeFormatA
CloseHandle
DeviceIoControl
GetLastError
CreateFileW
ReadFile
WriteFile
GetTickCount
SetFilePointerEx
IsValidCodePage
TlsGetValue
TlsAlloc
TlsSetValue
GetOEMCP
GetACP
GetStringTypeW
LCMapStringA
LCMapStringW
GetCPInfo
RtlUnwind
RaiseException
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
GetStringTypeA
GetSystemTimeAsFileTime
GetStartupInfoA
GetCommandLineA
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetModuleFileNameA
GetStdHandle
ExitThread
HeapReAlloc
HeapDestroy
Process32NextW
HeapCreate
ExitProcess
HeapSize
SetLastError
InterlockedIncrement
InterlockedDecrement
InterlockedCompareExchange
InterlockedExchange
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapFree
HeapAlloc
TlsFree
user32
wvsprintfW
wsprintfW
CharLowerW
MessageBoxW
ShowWindow
FindWindowW
CharLowerA
GetSystemMetrics
SendMessageW
RegisterDeviceNotificationW
CharUpperW
GetClientRect
IsZoomed
PostQuitMessage
ScreenToClient
ClientToScreen
SetWindowPos
GetWindowTextW
PtInRect
GetWindowTextLengthW
PostMessageW
MoveWindow
GetMonitorInfoW
DestroyWindow
LoadCursorW
RegisterClassExW
GetWindowRgn
CreateWindowExW
DefWindowProcW
GetDC
InflateRect
OffsetRect
ReleaseDC
SetWindowRgn
GetWindowRect
IsIconic
SetForegroundWindow
GetParent
IntersectRect
IsWindow
DispatchMessageW
TranslateMessage
SetFocus
GetMessageW
EnableWindow
GetWindow
LoadImageW
CallWindowProcW
GetPropW
SetPropW
RegisterClassW
GetClassInfoExW
GetKeyState
InvalidateRect
SetTimer
KillTimer
SetCapture
ReleaseCapture
CharNextW
GetFocus
GetCursorPos
UpdateLayeredWindow
IsRectEmpty
EndPaint
BeginPaint
GetUpdateRect
SetCursor
MapWindowPoints
DrawIconEx
CreateCaret
HideCaret
ShowCaret
SetCaretPos
GetSysColor
FillRect
DrawTextW
CharPrevW
SetRect
InvalidateRgn
CreateAcceleratorTableW
SetWindowTextW
GetWindowLongW
MonitorFromWindow
SetWindowLongW
gdi32
CreatePen
CreateDIBSection
PtInRegion
CreateRectRgn
DeleteObject
CreateRoundRectRgn
BitBlt
DeleteDC
SelectObject
CreateCompatibleDC
CreateCompatibleBitmap
SetStretchBltMode
GetTextMetricsW
CreateFontIndirectW
GetObjectW
GetStockObject
SetWindowOrgEx
Rectangle
RestoreDC
SaveDC
GetDeviceCaps
GetObjectA
SelectClipRgn
ExtSelectClipRgn
CreateRectRgnIndirect
GetClipBox
CombineRgn
StretchBlt
ExtTextOutW
SetBkColor
CreateSolidBrush
LineTo
MoveToEx
CreatePenIndirect
RoundRect
SetTextColor
SetBkMode
TextOutW
GetTextExtentPoint32W
GetCharABCWidthsW
comdlg32
GetSaveFileNameW
GetOpenFileNameW
advapi32
RegCreateKeyA
RegCloseKey
RegQueryValueExA
RegOpenKeyA
RegSetValueExA
shell32
SHGetPathFromIDListW
SHFileOperationW
SHGetSpecialFolderPathW
ord165
SHBrowseForFolderW
ShellExecuteW
ole32
OleSetContainedObject
CoCreateInstance
CoInitialize
OleUninitialize
OleInitialize
CoUninitialize
OleLockRunning
CLSIDFromString
CLSIDFromProgID
oleaut32
SysFreeString
SysAllocString
VariantInit
VariantClear
ws2_32
getservbyname
closesocket
recv
gethostbyaddr
htons
inet_addr
WSAStartup
gethostname
htonl
gethostbyname
send
WSACleanup
socket
connect
iphlpapi
GetAdaptersInfo
gdiplus
GdipFree
GdipCloneBrush
GdipCreateFontFromLogfontA
GdipCreateFontFromDC
GdipDrawString
GdipSetTextRenderingHint
GdipCreateFromHDC
GdipSetStringFormatLineAlign
GdipSetStringFormatAlign
GdipCreateLineBrushI
GdiplusShutdown
GdiplusStartup
GdipDeleteBrush
GdipAlloc
GdipCreateStringFormat
GdipDeleteStringFormat
GdipDeleteGraphics
GdipDeleteFont
winmm
timeSetEvent
timeKillEvent
timeEndPeriod
comctl32
ord17
_TrackMouseEvent
Sections
.text Size: 800KB - Virtual size: 799KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 126KB - Virtual size: 126KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 13KB - Virtual size: 25KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 872KB - Virtual size: 872KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 51KB - Virtual size: 51KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ