Static task
static1
Behavioral task
behavioral1
Sample
ba5ff1d9734c549d5df671c2891b58228054bc7689b91cf0b7b02e6e1a598139.exe
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
ba5ff1d9734c549d5df671c2891b58228054bc7689b91cf0b7b02e6e1a598139.exe
Resource
win10v2004-20230220-en
General
-
Target
63b52dc8c2257b9eeef4957aaf041cbe.bin
-
Size
11.0MB
-
MD5
82b6309017204920ff0abb687f7da3cc
-
SHA1
59a79886670c78002966c5f2e8d6c7b34c90b685
-
SHA256
8ff34ddfeca18c01b70bc6c13ffbd8a2900ee36d49d22160228a800f0d16dadd
-
SHA512
bbc3f1ecf8154551a729bbbb1206b5cf7138d4a4c6a0cb63702af6ba982e7a267ed3441e26c9cf02e6599ac33bc0ce1d733e7fadde2227889fded75902e2a5cd
-
SSDEEP
196608:vmpNlTuHjo5UEZDbrAnFDGyKNFekWDX6HouuLSm/EdrSgy82F6:v2RuDo5UUYZKNFCvZHqiFF6
Malware Config
Signatures
Files
-
63b52dc8c2257b9eeef4957aaf041cbe.bin.zip
Password: infected
-
ba5ff1d9734c549d5df671c2891b58228054bc7689b91cf0b7b02e6e1a598139.exe.exe windows x86
Password: infected
46bb1f2f302a3eac0c1b165f1a89cbbe
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
CreateToolhelp32Snapshot
GetSystemTimeAsFileTime
HeapAlloc
HeapFree
ExitProcess
LoadLibraryA
GetModuleHandleA
GetProcAddress
user32
EmptyClipboard
CharUpperBuffW
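Sections
Note: the three sections named kuyjthgf do not use conventional compiler section names, and two of them are flagged as executable code. The import table above lists only ten functions, among them LoadLibraryA, GetModuleHandleA and GetProcAddress. Taken together this layout is consistent with a packed or protected binary, so the static import list probably under-represents the APIs resolved at runtime; the behavioral tasks are the better source for actual API use.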
.text Size: - Virtual size: 500KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: - Virtual size: 174KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: - Virtual size: 49KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
kuyjthgf Size: - Virtual size: 5.8MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
kuyjthgf Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
kuyjthgf Size: 11.2MB - Virtual size: 11.1MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 512B - Virtual size: 469B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ