??4_Init_locks@std@@QAEAAV01@ABV01@@Z
Static task
static1
Behavioral task
behavioral1
Sample
d10b1776211b13c17dd7a31fcdc5cf51785e7576c0e9a37d3fbf126f30181926.exe
Resource
win7-20221111-en
windows7-x64
0 signatures
150 seconds
Behavioral task
behavioral2
Sample
d10b1776211b13c17dd7a31fcdc5cf51785e7576c0e9a37d3fbf126f30181926.exe
Resource
win10v2004-20220901-en
windows10-2004-x64
0 signatures
150 seconds
General
-
Target
d10b1776211b13c17dd7a31fcdc5cf51785e7576c0e9a37d3fbf126f30181926
-
Size
1.6MB
-
MD5
1c2f7a65d6e78d60bec5855ee452fe13
-
SHA1
0cf5c34153b5c8e79721d1d25372213b57332800
-
SHA256
d10b1776211b13c17dd7a31fcdc5cf51785e7576c0e9a37d3fbf126f30181926
-
SHA512
b0b186cf15ad3a0019b94733a0e4c1126cb11aaed14021372f8aece94161906b7fa8c99c7896d76994ac14f7c1e3ce527f45a82fa1d3c48d5b6bb3f6a7eacf48
-
SSDEEP
24576:7QehElaRmQt+CTEyHlzFACivzOUsZnOtDZMMJq+bVVNcCNaTqlswxLP15r3zuh5v:71rGkmvziQHoCJ5LdJDuQEuOUVfa
Score
N/A
Malware Config
Signatures
Files
-
d10b1776211b13c17dd7a31fcdc5cf51785e7576c0e9a37d3fbf126f30181926.exe windows x86
68c82ed19a9eaaa9f6c7cd99a5d06619
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
shlwapi
PathFileExistsW
PathRemoveFileSpecW
ws2_32
htons
htonl
kernel32
GlobalLock
WideCharToMultiByte
MultiByteToWideChar
GlobalUnlock
GetProcAddress
CreateFileA
SetFilePointer
ReadFile
GetCurrentDirectoryW
GetPrivateProfileStringW
GetPrivateProfileSectionW
GlobalAlloc
Sleep
GlobalFree
CreateMutexW
GetTickCount
WriteFile
InitializeCriticalSection
OpenProcess
LeaveCriticalSection
TerminateProcess
CreateFileW
GetFileSizeEx
EnterCriticalSection
Process32FirstW
Process32NextW
CreateToolhelp32Snapshot
DeleteCriticalSection
GetFileSize
GetFileAttributesW
CreatePipe
DuplicateHandle
CreateEventW
GetModuleFileNameW
FindFirstFileW
FindClose
FindNextFileW
GetLogicalDriveStringsW
GetDiskFreeSpaceExW
SetFileAttributesW
SetFilePointerEx
WaitForSingleObject
GetCurrentProcess
CreateProcessW
PeekNamedPipe
LockResource
SizeofResource
LoadResource
FindResourceW
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
GetModuleHandleW
lstrlenW
FreeResource
ExitProcess
InterlockedIncrement
InterlockedDecrement
MulDiv
DosDateTimeToFileTime
SystemTimeToFileTime
GetFileType
InterlockedExchange
InterlockedCompareExchange
GetStartupInfoA
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
QueryPerformanceCounter
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
CreateThread
FreeLibrary
LoadLibraryW
WinExec
DeleteFileA
CloseHandle
GetLastError
FormatMessageW
GetLocalTime
DeleteFileW
LocalFree
GetPrivateProfileSectionNamesW
user32
RegisterClassW
GetClassInfoExW
RegisterClassExW
CallWindowProcW
SetPropW
GetPropW
LoadIconW
GetMonitorInfoW
MonitorFromWindow
SetWindowRgn
MoveWindow
SetForegroundWindow
FillRect
DrawTextW
SetRect
CharPrevW
ShowCaret
HideCaret
GetSysColor
GetCaretPos
GetWindowRgn
InvalidateRgn
CreateAcceleratorTableW
SetWindowTextW
MapWindowPoints
UpdateLayeredWindow
IsIconic
LoadImageW
GetUpdateRect
EndPaint
BeginPaint
SetFocus
GetWindow
GetKeyState
GetFocus
CreateCaret
SetCaretPos
GetCaretBlinkTime
SetTimer
KillTimer
DestroyWindow
SystemParametersInfoW
EnableWindow
DefWindowProcW
wvsprintfW
InflateRect
wsprintfW
MessageBoxW
ShowWindow
FindWindowW
SetWindowLongW
GetWindowLongW
GetClientRect
OffsetRect
DrawIconEx
LoadCursorW
PostQuitMessage
ScreenToClient
ClientToScreen
InvalidateRect
IntersectRect
GetWindowRect
SetCursor
CharNextW
GetParent
CreateWindowExW
SetWindowPos
IsZoomed
CharLowerW
ReleaseCapture
SetCapture
PostMessageW
IsWindow
DispatchMessageW
TranslateMessage
GetMessageW
GetCursorPos
IsRectEmpty
GetDC
ReleaseDC
GetWindowTextLengthW
PtInRect
GetWindowTextW
GetSystemMetrics
SendMessageW
gdi32
SetWindowOrgEx
GetTextMetricsW
Rectangle
SetStretchBltMode
CreateCompatibleBitmap
CreateCompatibleDC
RestoreDC
SaveDC
CreateDIBSection
SelectObject
SetTextColor
SetBkMode
RoundRect
LineTo
MoveToEx
DeleteObject
StretchBlt
CombineRgn
ExtSelectClipRgn
CreateRectRgnIndirect
GetClipBox
SelectClipRgn
CreateRoundRectRgn
CreateSolidBrush
SetBkColor
GetCharABCWidthsW
GetTextExtentPoint32W
TextOutW
DeleteDC
GetDeviceCaps
GetPixel
SetPixel
CreateRectRgn
PtInRegion
CreatePen
CreateFontIndirectW
GetStockObject
CreatePenIndirect
BitBlt
GetObjectW
shell32
SHGetSpecialFolderPathW
SHGetPathFromIDListW
SHBrowseForFolderW
ord165
Shell_NotifyIconW
CommandLineToArgvW
ShellExecuteW
ole32
OleSetContainedObject
CoCreateInstance
CoInitialize
OleUninitialize
OleInitialize
CLSIDFromString
CLSIDFromProgID
CreateStreamOnHGlobal
CoUninitialize
OleLockRunning
oleaut32
SysFreeString
SysAllocString
VariantClear
VariantInit
msvcp90
?close@?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAEXXZ
?open@?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAEXPB_WHH@Z
??0?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAE@XZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??Y?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@ABV01@@Z
?substr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV12@II@Z
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIABV12@I@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??_D?$basic_ofstream@DU?$char_traits@D@std@@@std@@QAEXXZ
??_D?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ
??_D?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAEXXZ
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@0@Z
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBDABV10@@Z
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@PBD@Z
?clear@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ
??0?$basic_ofstream@DU?$char_traits@D@std@@@std@@QAE@XZ
??$?9_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z
??$?8_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z
?find@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIABV12@I@Z
?replace@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@IIABV12@@Z
?replace@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@IIABV12@@Z
?rfind@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEI_WI@Z
?end@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE?AV?$_String_iterator@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@2@XZ
?begin@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE?AV?$_String_iterator@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@2@XZ
?find_last_not_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIABV12@I@Z
?find_first_not_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIABV12@I@Z
?erase@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@II@Z
??A?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAADI@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBD@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?uncaught_exception@std@@YA_NXZ
?sputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEHPB_WH@Z
?_Osfx@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEXXZ
?_Lock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEXXZ
?_Unlock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEXXZ
?sputc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEG_W@Z
?str@?$basic_stringstream@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBE?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@2@XZ
??0?$basic_stringstream@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@H@Z
?flush@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV12@XZ
?setstate@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QAEXH_N@Z
??_D?$basic_stringstream@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXXZ
?open@?$basic_ofstream@DU?$char_traits@D@std@@@std@@QAEXPB_WHH@Z
?close@?$basic_ofstream@DU?$char_traits@D@std@@@std@@QAEXXZ
??0?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@H@Z
?str@?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ
??$?6DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
?find@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEI_WI@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
?swap@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXAAV12@@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
??Y?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
?find@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIPB_WI@Z
?substr@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBE?AV12@II@Z
??$?M_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z
?npos@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@2IB
??$?H_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@ABV10@PB_W@Z
??$?H_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@ABV10@0@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_W@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV01@@Z
??1?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@ABV01@@Z
?swap@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXAAV12@@Z
??0_Lockit@std@@QAE@H@Z
??1_Lockit@std@@QAE@XZ
?deallocate@?$allocator@D@std@@QAEXPADI@Z
?allocate@?$allocator@D@std@@QAEPADI@Z
?_Xbad@tr1@std@@YAXW4error_type@regex_constants@12@@Z
?id@?$ctype@D@std@@2V0locale@2@A
?_Xmem@tr1@std@@YAXXZ
??$?8DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
?id@?$collate@D@std@@2V0locale@2@A
?_Getcat@?$collate@D@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?transform@?$collate@D@std@@QBE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@2@PBD0@Z
?end@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV?$_String_const_iterator@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ
?begin@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV?$_String_const_iterator@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ
?end@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE?AV?$_String_iterator@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ
?begin@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE?AV?$_String_iterator@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ID@Z
?_Getcat@?$ctype@D@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?tolower@?$ctype@D@std@@QBEPBDPADPBD@Z
?tolower@?$ctype@D@std@@QBEDD@Z
?_Getfacet@locale@std@@QBEPBVfacet@12@I@Z
??1locale@std@@QAE@XZ
??0locale@std@@QAE@XZ
?_Incref@facet@locale@std@@QAEXXZ
??Bid@locale@std@@QAEIXZ
?_Decref@facet@locale@std@@QAEPAV123@XZ
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??$?H_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@PB_WABV10@@Z
gdiplus
GdipDeleteBrush
GdipFree
GdipAlloc
GdipFillRectangleI
GdipImageGetFrameDimensionsCount
GdipImageGetFrameDimensionsList
GdipImageGetFrameCount
GdipCreateSolidFill
GdipGetPropertyItem
GdipGetImageWidth
GdipGetImageHeight
GdipDisposeImage
GdipCloneImage
GdipDrawImageRectI
GdipImageSelectActiveFrame
GdipLoadImageFromStream
GdipGetPropertyItemSize
GdipCreateFromHDC
GdiplusStartup
GdiplusShutdown
GdipDeleteGraphics
msvcr90
iswalnum
_gmtime64
??0bad_cast@std@@QAE@PBD@Z
??0bad_cast@std@@QAE@ABV01@@Z
??1bad_cast@std@@UAE@XZ
exit
_unlock
__dllonexit
_encode_pointer
_lock
_onexit
_decode_pointer
__CxxFrameHandler3
?terminate@@YAXXZ
_amsg_exit
__getmainargs
_cexit
_exit
_XcptFilter
_ismbblead
_acmdln
_initterm
_initterm_e
_configthreadlocale
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler4_common
_crt_debugger_hook
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_invoke_watson
_controlfp_s
wcsncmp
calloc
_wcslwr
__RTDynamicCast
_wtof
wcstoul
toupper
wcscpy_s
_recalloc
memset
memmove
strstr
_wtoi
_atoi64
vswprintf_s
fprintf
_localtime64
isdigit
wcstol
wcsstr
wcsrchr
strchr
malloc
free
wprintf
memmove_s
_wtoi64
_wsplitpath
_vswprintf
_wfopen
fflush
_swprintf
fwprintf
wcsncpy_s
wcschr
_beginthreadex
_purecall
_wcsicmp
ceil
fclose
fopen
sprintf
??_V@YAXPAX@Z
wcsncpy
??2@YAPAXI@Z
printf
_invalid_parameter_noinfo
??0exception@std@@QAE@ABV01@@Z
??0exception@std@@QAE@ABQBD@Z
??0exception@std@@QAE@XZ
??1exception@std@@UAE@XZ
?what@exception@std@@UBEPBDXZ
??3@YAXPAX@Z
_memicmp
_stricmp
_strnicmp
_wcsnicmp
abort
_CxxThrowException
memcpy
_CIsqrt
_CIcos
_CIsin
realloc
d3d9
Direct3DCreate9
wininet
InternetCloseHandle
InternetOpenW
InternetOpenUrlW
HttpQueryInfoW
InternetReadFile
winmm
timeSetEvent
timeGetTime
timeBeginPeriod
timeGetDevCaps
timeEndPeriod
timeKillEvent
comctl32
_TrackMouseEvent
ord17
imm32
ImmGetContext
ImmSetCompositionWindow
ImmReleaseContext
Exports
Exports
Sections
.text Size: 703KB - Virtual size: 702KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 129KB - Virtual size: 129KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 14KB - Virtual size: 31KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 736KB - Virtual size: 736KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 59KB - Virtual size: 58KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ