Static task
static1
Behavioral task
behavioral1
Sample
199de8b727ceae96afb7c7560092c1d7a4dbe5a005c07ae20cffd9871da52b82.exe
Resource
win7-20230220-en
General
Target: 199de8b727ceae96afb7c7560092c1d7a4dbe5a005c07ae20cffd9871da52b82.zip
Size: 3.2MB
MD5: 0ccabf85ce57c2eea3f487930c184e38
SHA1: e72dfad774b0041fb59d7ea7f3d68452c73d1050
SHA256: 37cc099c435c1e7451dcdff1011c33f19fde6f69764cfe143a979d23c582888b
SHA512: f1a58f8b17c67225aabc5e93536f36d8feec99974ab30227568cfbd2f5bfdc9384b48fcad21e525fcd14b021b399899bd24465253c3c4ddbe4c82ac581ec6142
SSDEEP: 98304:VSYHjPK5kVsfqjyVSEDj3ycJAf9T6OGM4:zz1sf/VNjjAleN
Malware Config
Signatures
Files
-
199de8b727ceae96afb7c7560092c1d7a4dbe5a005c07ae20cffd9871da52b82.zip (.zip)
Password: infected
-
199de8b727ceae96afb7c7560092c1d7a4dbe5a005c07ae20cffd9871da52b82.exe (.exe, windows, x86)
Password: infected
54f97145ccdcbc2e31f50113957801d6
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
kernel32
GetModuleHandleA
GetProcAddress
advapi32
GetUserNameW
user32
EnumDisplayDevicesA
gdi32
BitBlt
Sections
.MPRESS1 Size: 3.2MB - Virtual size: 5.6MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.MPRESS2 Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 128KB - Virtual size: 127KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE