RunProc
Static task
static1
Behavioral task
behavioral1
Sample
BxgI0_95sBrYurn-nQMeZt3YnWG5c91oDH6ag2LBVG4.bin.dll
Resource
win7-20221111-en
General
-
Target
BxgI0_95sBrYurn-nQMeZt3YnWG5c91oDH6ag2LBVG4.bin.exe
-
Size
1.1MB
-
MD5
22c884dd78b0ab7f6c6c5eedd37a4e89
-
SHA1
4674e0c2a601d15c3dc6a9e273c77b93ee44796f
-
SHA256
071808d3ef79b01ad8bab9ff9d031e66ddd89d61b973dd680c7e9a8362c1546e
-
SHA512
b0f06d1956c36b1c03f03d9a3cc19eeff5071b974f7fcbce6a7f08225709b543efc4fd2829d5ebe461f13295b28df88680602c13470e9ad86314f0f839580a78
-
SSDEEP
24576:/cgtVNEgRC+Bk1zJGa41QUF7BRQQRNEEEh9g7aEgxPNOa:ptzEmC+W114qUdgQXaiq
Malware Config
Signatures
Files
-
BxgI0_95sBrYurn-nQMeZt3YnWG5c91oDH6ag2LBVG4.bin.exe.dll windows x64
30e4951baaf3486172393b81f9118d19
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Imports
kernel32
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
GetProcessHeap
CreateFileA
CloseHandle
GetCurrentActCtx
TryEnterCriticalSection
GetModuleFileNameA
GetModuleHandleA
SetCurrentDirectoryA
GetFileSize
GetFileInformationByHandle
WaitForMultipleObjects
SetFileTime
OpenFileMappingA
CreateNamedPipeA
ConnectNamedPipe
VirtualAlloc
RaiseException
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
GetLastError
SetLastError
GetCurrentThreadId
HeapAlloc
HeapFree
GetModuleHandleW
GetProcAddress
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetSystemTimeAsFileTime
FreeLibrary
LoadLibraryExW
CompareStringW
LCMapStringW
DeleteCriticalSection
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
ExitProcess
GetModuleHandleExW
GetStringTypeW
MultiByteToWideChar
WideCharToMultiByte
HeapSize
HeapReAlloc
GetStartupInfoW
QueryPerformanceCounter
GetCurrentProcessId
InitializeSListHead
RtlUnwindEx
InterlockedFlushSList
FindClose
FindFirstFileExA
FindNextFileA
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableA
GetStdHandle
GetFileType
SetStdHandle
WriteFile
FlushFileBuffers
GetConsoleCP
GetConsoleMode
SetFilePointerEx
WriteConsoleW
CreateFileW
Exports
Exports
Sections
.text Size: 124KB - Virtual size: 124KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 330KB - Virtual size: 329KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 637KB - Virtual size: 643KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 6KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.gfids Size: 512B - Virtual size: 152B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 512B - Virtual size: 480B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ