Static task: static1
Behavioral task: behavioral1
Sample: 0f652edafdefe48e4dc67b2e22d79b8bac406042.exe
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: 0f652edafdefe48e4dc67b2e22d79b8bac406042.exe
Resource: win10v2004-20221111-en
General
Target: 0f652edafdefe48e4dc67b2e22d79b8bac406042
Size: 759KB
MD5: 274aea70f1d35d6716fe1c47b582da58
SHA1: 0f652edafdefe48e4dc67b2e22d79b8bac406042
SHA256: cede43418cadc08c4951c250e0cf6d37d7ccde9c9d83d32e7cac122599fce9d9
SHA512: 865f1e203272a8f8a41ac3740da86a7e943f19a56e1ac5c18d86bf9651c9c729cecd87a8d3e67152ce722bbf5eb464935947deeb0fd043d688365d7e08451b5a
SSDEEP: 12288:38h5vvXrz1U9S6UNQUAcMAcjv6nPA1A8DdyUfE8GdexlsMZnRoHE8tGv7OoEd:snvbpU90NQ1cMAc+A1AGyUfE8tl7ZnRp
Malware Config
Signatures
Files
-
0f652edafdefe48e4dc67b2e22d79b8bac406042.exe windows x86
0432aed13bfd296d669851578722ce4a
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
CancelIo
ResetEvent
lstrlenA
GetDriveTypeA
DeleteFileW
GetStartupInfoA
HeapDestroy
CreateEventA
TlsGetValue
HeapCreate
CloseHandle
GetEnvironmentVariableA
GetVolumePathNameA
GetModuleHandleA
GetCommandLineA
CloseHandle
GetCommandLineA
GetConsoleTitleA
VirtualQuery
GetTimeFormatA
advapi32
ControlService
InitializeSid
IsValidSecurityDescriptor
CreateProcessAsUserA
RegEnumKeyA
CreateServiceW
IsValidSid
ClearEventLogW
RegCreateKeyExW
RegQueryValueW
IsValidAcl
IsTextUnicode
RegDeleteValueA
rastapi
PortClearStatistics
PortClearStatistics
PortClearStatistics
PortClearStatistics
Sections
.text Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 512B - Virtual size: 1.3MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 754KB - Virtual size: 753KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ