Static task: static1
Behavioral task: behavioral1
Sample: f1a220c982fa2b7330cd7c7671f8733c.exe
Resource: win7-20221111-en
General
Target: f1a220c982fa2b7330cd7c7671f8733c.bin
Size: 393KB
MD5: f1a220c982fa2b7330cd7c7671f8733c
SHA1: 9f20d00b4ec898a33e130720d4d29e94070e1575
SHA256: 15ed48a323171f521247258630d9ef6d3fe785b5fe3aa9ff77b58b150b734310
SHA512: face49fa9216d325062326c475fa88b5170ac39ea2bed44de721276ddd79f45c620064ef01372f8b90e7104c3cab9ec0a1b76a98357c7efeedcd47a1608e22c1
SSDEEP: 12288:9YfbednM3kIg00BJ1sKN+zNva8lq1NtWH:9YenIqqFlqdWH
Malware Config
Signatures
Files
f1a220c982fa2b7330cd7c7671f8733c.bin.exe windows x86
558140d35255c0390a3d56cf7377b43f
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
ole32
CoCancelCall
CoDosDateTimeToFileTime
CoFileTimeNow
CoMarshalHresult
CoQueryProxyBlanket
CoRegisterChannelHook
CoSetCancelObject
CoSwitchCallContext
CoTaskMemAlloc
CoTestCancel
CreateObjrefMoniker
CreatePointerMoniker
DllDebugObjectRPCHook
HBRUSH_UserMarshal
HPALETTE_UserFree
IIDFromString
OleConvertIStorageToOLESTREAM
OleQueryCreateFromData
OleSaveToStream
OleSetClipboard
ProgIDFromCLSID
STGMEDIUM_UserUnmarshal
SetDocumentBitStg
StgOpenPropStg
UtConvertDvtd16toDvtd32
WriteFmtUserTypeStg
WriteOleStg
gdi32
AbortPath
AddFontResourceA
AddFontResourceExW
AddFontResourceW
CopyEnhMetaFileW
CreateBitmap
CreateBitmapIndirect
CreateCompatibleDC
DeleteMetaFile
ExtEscape
FillRgn
GdiStartDocEMF
GetCharacterPlacementW
GetEnhMetaFileHeader
GetEnhMetaFilePaletteEntries
GetGraphicsMode
GetTextAlign
GetTextExtentPoint32W
OffsetWindowOrgEx
PlayEnhMetaFile
PlayMetaFile
RemoveFontResourceExA
ScaleViewportExtEx
ScaleWindowExtEx
SetDIBColorTable
SetMiterLimit
StartDocA
wsock32
ord1141
ord1112
ord1109
ord1116
ord1113
MigrateWinsockConfiguration
WSAAsyncGetServByName
WSAAsyncGetServByPort
WSAAsyncSelect
WSASetBlockingHook
WSAStartup
bind
gethostbyaddr
gethostname
ord1101
getservbyport
inet_addr
listen
ntohs
select
send
setsockopt
socket
mapi32
ord178
ord121
ord45
ord81
ord239
ord142
ord75
ord50
ord49
ord32
ord22
ord201
ord151
ord184
ord171
ord170
ord202
ord8
ord156
wininet
FindFirstUrlCacheContainerA
FtpCreateDirectoryA
FtpCreateDirectoryW
FtpFindFirstFileA
FtpGetCurrentDirectoryA
FtpGetFileW
GetUrlCacheConfigInfoA
GetUrlCacheEntryInfoA
GetUrlCacheEntryInfoExW
GopherGetLocatorTypeA
GopherOpenFileW
InternetAttemptConnect
InternetCombineUrlA
InternetConnectW
InternetCrackUrlW
InternetGetLastResponseInfoW
InternetLockRequestFile
InternetOpenW
InternetReadFile
InternetReadFileExA
InternetSetCookieA
InternetSetCookieW
InternetSetDialState
InternetSetFilePointer
InternetSetOptionExA
InternetWriteFile
RunOnceUrlCache
SetUrlCacheEntryInfoW
kernel32
CloseHandle
CompareStringW
CreateFileW
DecodePointer
DeleteCriticalSection
EncodePointer
EnterCriticalSection
EnumSystemLocalesW
ExitProcess
FindClose
FindFirstFileExW
FindNextFileW
FlushFileBuffers
FreeEnvironmentStringsW
FreeLibrary
GetACP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetConsoleCP
GetConsoleMode
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetDateFormatW
GetEnvironmentStringsW
GetFileSizeEx
GetFileType
GetLastError
GetLocaleInfoW
GetModuleFileNameW
GetModuleHandleExW
GetModuleHandleW
GetOEMCP
GetProcAddress
GetProcessHeap
GetStartupInfoW
GetStdHandle
GetStringTypeW
GetSystemTimeAsFileTime
GetTimeFormatW
GetUserDefaultLCID
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
InitializeCriticalSectionAndSpinCount
InitializeSListHead
InterlockedFlushSList
InterlockedPushEntrySList
IsDebuggerPresent
IsProcessorFeaturePresent
IsValidCodePage
IsValidLocale
LCMapStringW
LeaveCriticalSection
LoadLibraryExW
MultiByteToWideChar
OutputDebugStringW
QueryPerformanceCounter
RaiseException
ReadConsoleW
ReadFile
RtlUnwind
SetConsoleCtrlHandler
SetEnvironmentVariableW
SetFilePointerEx
SetLastError
SetStdHandle
SetUnhandledExceptionFilter
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
WideCharToMultiByte
WriteConsoleW
WriteFile
Sections
.text Size: 214KB - Virtual size: 214KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 36KB - Virtual size: 35KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 3KB - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.00cfg Size: 512B - Virtual size: 4B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.gfids Size: 512B - Virtual size: 416B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.voltbl Size: 1024B - Virtual size: 892B
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 8KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ