Static task: static1
Behavioral task: behavioral1 (Sample: Setup.exe, Resource: win7-20221111-en)
Behavioral task: behavioral2 (Sample: Setup.exe, Resource: win10v2004-20220812-en)
General
Target: 81a5d305ac1614d13aa25be6f6d46628341ac2bea7f34e9ee12691ad06e4698a
Size: 6.4MB
MD5: 2d4e49a2f5873125d6fbf15557b0548d
SHA1: e561fa226660aa5cc01a050e08829b3a31425082
SHA256: 81a5d305ac1614d13aa25be6f6d46628341ac2bea7f34e9ee12691ad06e4698a
SHA512: f4321c1a7fb5092a229a3cc39786522935a0b80c053a7899061fb1b5ea600b66d264f75baaf43cf8d788faef5e329bac84a828508b8e8964bec8f9017cc4da23
SSDEEP: 196608:PHkZWMCI0zYNNQL/LusVVp3E7kvwkNz0VQ3xv:f6RCIBSuQVpK0z0Vk
Malware Config
Signatures
Files
-
81a5d305ac1614d13aa25be6f6d46628341ac2bea7f34e9ee12691ad06e4698a.rar
Password: 2022
-
Langzz/Cr0atian.ini
-
Langzz/Danish.ini
-
Langzz/English.ini
-
Langzz/Finnish.ini
-
Langzz/Hebrew.ini
-
Langzz/Hungarian.ini.ps1
-
Langzz/Ind0nesian.ini
-
Langzz/Japanese.ini
-
Langzz/K0rean.ini.ps1
-
Langzz/Kazakh.ini
-
Langzz/Kurdish.ini
-
Langzz/N0rwegian.ini
-
Langzz/SimpChinese.ini
-
Langzz/Sinhala.ini
-
Langzz/Sl0vak.ini
-
Langzz/Swedish.ini
-
Langzz/Thai.ini
-
Langzz/TradChine$e.ini
-
Langzz/Ukrainian.ini
-
Langzz/UyghurLatin.ini
-
Langzz/Uzbek.ini
-
Langzz/Vietname$e.ini
-
Setup.exe.exe windows x86
Password: 2022
11ea24073ee65343ee563e3160c77fde
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
lstrlenA
GetSystemTimeAsFileTime
LocalAlloc
LocalFree
GetModuleFileNameW
ExitProcess
LoadLibraryA
GetModuleHandleA
GetProcAddress
user32
DestroyWindow
CharUpperBuffW
gdi32
GetObjectW
ole32
CoDecodeProxy
Sections
.text Size: - Virtual size: 93KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: - Virtual size: 10KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.CRT Size: 512B - Virtual size: 4B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.=.M Size: - Virtual size: 3.4MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.|9y Size: 1024B - Virtual size: 896B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.}^Q Size: 6.1MB - Virtual size: 6.1MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 356KB - Virtual size: 356KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
TheFullNote.txt