Static task
static1
Behavioral task
behavioral1
Sample
efdebdcb062ccc4da76dc2a0011d2e4f6a88e95b.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
efdebdcb062ccc4da76dc2a0011d2e4f6a88e95b.exe
Resource
win10v2004-20221111-en
General
-
Target
efdebdcb062ccc4da76dc2a0011d2e4f6a88e95b
-
Size
162KB
-
MD5
b4bf563a8ad12b98cd5c53c28aec29f3
-
SHA1
efdebdcb062ccc4da76dc2a0011d2e4f6a88e95b
-
SHA256
a2b9ea87ee8413b689cd0f6c5ef1fb62ebc09ccf9ac6fa76e572d3d411bb78e5
-
SHA512
ce1f8a5bfb2fef1d496eb8f6acc2af5d278d99c751e778428d367b96ac545daa297a7551ff74b6108a29a350e9957f8e36c6304078ed718066835f7b45a8c7d9
-
SSDEEP
3072:QrBZYcZD51Q4QDXxt2yfjfaXq7zHtAHSYnjFA+qWemy9fAXBR7L:QRDUpbzNm3njFT0fiBR
Malware Config
Signatures
Files
-
efdebdcb062ccc4da76dc2a0011d2e4f6a88e95b.exe windows x86
2dce769282a630865489b08d32d030e8
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI
Imports
user32
MessageBoxA
GetActiveWindow
wsprintfA
kernel32
CreateEventA
FreeLibrary
GetCurrentThreadId
GetLastError
GetProcAddress
LoadLibraryA
SetErrorMode
SetEvent
WaitForSingleObject
CloseHandle
CreateEventA
CreateFileA
CreateMutexA
CreateThread
DeleteFileA
ExitProcess
ExitThread
GetCommandLineA
GetConsoleMode
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetEnvironmentStrings
GetFileType
GetLastError
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
GetStdHandle
GetTickCount
GetVersion
LoadLibraryA
LocalAlloc
LocalFree
ReadConsoleInputA
ReadFile
ReleaseMutex
SetConsoleMode
SetEvent
SetFilePointer
SetStdHandle
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
WaitForSingleObject
WriteConsoleA
WriteFile
w3sqlv7
XQLCompile@12
XQLConvert@36
XQLCursor@4
XQLDescribe@32
XQLFetch@28
XQLFormat@16
XQLFree@4
XQLLogin@24
XQLLogout@0
XQLMask@24
XQLVersion@4
xChar@12
xConvert@36
xDDAttr@20
xDDField@20
xDescribe@24
Sections
BEGTEXT Size: 65KB - Virtual size:
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
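IMAGE_SCN_MEM_WRITE (combined with IMAGE_SCN_MEM_EXECUTE above, this code section is mapped both writable and executable)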
DGROUP Size: 8KB - Virtual size:
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.bss Size: 5KB - Virtual size:
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 2KB - Virtual size:
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 4KB - Virtual size:
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
.rsrc Size: 1024B - Virtual size:
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.LDGROUP Size: 80KB - Virtual size: 80KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
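IMAGE_SCN_MEM_WRITE (combined with IMAGE_SCN_MEM_EXECUTE above, this code section is mapped both writable and executable)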