Static task
static1
Behavioral task
behavioral1
Sample
472783b128f795776bdf1a688263c740d150c96c2ee1b44f9af65f25e973ad1d.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
472783b128f795776bdf1a688263c740d150c96c2ee1b44f9af65f25e973ad1d.exe
Resource
win10v2004-20221111-en
General
-
Target
472783b128f795776bdf1a688263c740d150c96c2ee1b44f9af65f25e973ad1d
-
Size
2.9MB
-
MD5
ed0e7258f589e50203e7c76b027c13b3
-
SHA1
b1629dfcee1099c88ee807f4d265476ae8fc841b
-
SHA256
472783b128f795776bdf1a688263c740d150c96c2ee1b44f9af65f25e973ad1d
-
SHA512
8b4a295d7aebcda9264061d54cadbc863a574881ff45e919da4328bd0dbb6b3529a7084626e6d2cda8f6086bdf0ce213cd925f696b681e68cd33701200f3d03d
-
SSDEEP
49152:Ewwl6oGjA4erBx14ajB+NEnRQ0jr+yc491S+8BQovJQdR523mUOW2FGvjLtXJBH+:lEnbenGQA+54/QBQEQdC3m7W4ujLnBha
Malware Config
Signatures
Files
-
472783b128f795776bdf1a688263c740d150c96c2ee1b44f9af65f25e973ad1d.exe windows x86
cd15c84e27e843838af3d9f7fcc0a78b
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI
Imports
kernel32
LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree
user32
GetKeyboardType
advapi32
RegQueryValueExA
oleaut32
SysFreeString
mpr
WNetGetConnectionA
version
VerQueryValueA
gdi32
UnrealizeObject
ole32
IsEqualGUID
comctl32
ImageList_SetIconSize
winspool.drv
OpenPrinterA
shell32
Shell_NotifyIconA
wininet
InternetCheckConnectionA
comdlg32
PageSetupDlgA
wsock32
send
winmm
timeGetTime
pquery.bin
WyQueryPYWhole
msvcrt
_gcvt
idcardreader\termb
Read_Content
idcardreader\dll_file
unpack
gdiplus
GdiplusShutdown
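Sections
Note: both sections below carry IMAGE_SCN_MEM_WRITE together with IMAGE_SCN_MEM_EXECUTE, and CODE's virtual size (11.0MB) is well above its raw size (2.9MB). With an import table that shows only one function for most DLLs, next to LoadLibraryA, GetProcAddress and VirtualAlloc, this is consistent with a packed image. The listed imports likely understate what the code resolves at run time, so capability assessment should rest on the behavioral tasks rather than on this table.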
CODE Size: 2.9MB - Virtual size: 11.0MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 58KB - Virtual size: 60KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE