Static task: static1
Behavioral task: behavioral1
  Sample: 4c40c740091df82cd11555afd1283b147787eb9838608d1254f2dce1069c1327.exe
  Resource: win7-20230220-en
Behavioral task: behavioral2
  Sample: 4c40c740091df82cd11555afd1283b147787eb9838608d1254f2dce1069c1327.exe
  Resource: win10v2004-20230221-en
General
Target: 4c40c740091df82cd11555afd1283b147787eb9838608d1254f2dce1069c1327
Size: 1.8MB
MD5: 721b1b464509c6db5f06069d24708cf0
SHA1: c4a11d4bd33536751591bbc26f40866cf2034672
SHA256: 4c40c740091df82cd11555afd1283b147787eb9838608d1254f2dce1069c1327
SHA512: 55bf2df429a93249bc067b17d7a703314468b849e08909d44bb20a5057321961428a331ce9a04bac56aed7c6badedc219d81bf12b99eea006693abe9b06f8608
SSDEEP: 24576:olvEOp6oOf3QjFgyj+tkVC5sPN6cxiKIxB0ohV3IASCoJSH2uW86:ypqP8kL5DwoXV3IAbYSC/
Malware Config
Signatures
Files
4c40c740091df82cd11555afd1283b147787eb9838608d1254f2dce1069c1327.exe windows x86
2cc94a37c7fc38f6dddbae997625a7d7
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetDiskFreeSpaceExW
SetFileTime
WriteFile
TlsAlloc
GetVersionExW
SetErrorMode
LeaveCriticalSection
EnterCriticalSection
VirtualQuery
SetUnhandledExceptionFilter
InitializeCriticalSection
CopyFileW
lstrcatW
lstrcpyW
OpenEventW
GlobalFree
FindNextFileW
FindClose
FindFirstFileW
GetShortPathNameW
CreateDirectoryW
MoveFileW
GetLocalTime
FileTimeToSystemTime
FileTimeToLocalFileTime
GetFileTime
lstrcmpA
HeapFree
GetProcessHeap
SetPriorityClass
HeapAlloc
CreateThread
LoadLibraryA
LoadLibraryExA
LoadLibraryExW
lstrcmpiA
HeapCreate
GetCurrentThread
SetFilePointer
GlobalUnlock
GlobalSize
GlobalLock
lstrcmpW
GetFileAttributesExW
GlobalAlloc
EnumResourceLanguagesW
GetVersion
FreeResource
LockResource
SizeofResource
LoadResource
FindResourceW
LocalAlloc
InterlockedExchange
SetProcessWorkingSetSize
ExitProcess
GetWindowsDirectoryW
GetProcessTimes
GlobalDeleteAtom
GlobalAddAtomW
DeleteCriticalSection
CompareFileTime
GetFileType
GetCurrentDirectoryW
DosDateTimeToFileTime
FlushInstructionCache
GetModuleHandleA
SuspendThread
SetThreadContext
GetThreadContext
InterlockedCompareExchange
SetEndOfFile
SystemTimeToFileTime
CreateWaitableTimerW
SetWaitableTimer
CancelWaitableTimer
IsBadReadPtr
IsBadWritePtr
GetSystemDirectoryW
DeviceIoControl
SetThreadPriority
ResumeThread
ReadFile
GetSystemTimeAsFileTime
GetSystemInfo
GlobalMemoryStatusEx
OutputDebugStringW
DebugBreak
InterlockedIncrement
TerminateThread
SetLastError
DuplicateHandle
ReadProcessMemory
GetExitCodeProcess
WriteProcessMemory
VirtualFree
VirtualAlloc
VirtualAllocEx
VirtualFreeEx
LocalFree
TlsSetValue
OpenFileMappingW
GetFileSize
CreateFileMappingW
MapViewOfFile
UnmapViewOfFile
ResetEvent
GetPrivateProfileSectionW
lstrlenA
MultiByteToWideChar
WritePrivateProfileStructW
WritePrivateProfileSectionW
GetPrivateProfileIntW
GetSystemTime
TlsGetValue
InterlockedDecrement
GetPrivateProfileStringW
WritePrivateProfileStringW
DeleteFileW
CreateFileW
lstrlenW
WideCharToMultiByte
GetTempPathW
RemoveDirectoryW
GetCurrentThreadId
OpenThread
GetProcAddress
FreeLibrary
GetCurrentProcessId
CreateProcessW
CreateEventW
WaitForSingleObject
ExpandEnvironmentStringsW
GetFileAttributesW
SetFileAttributesW
GetTickCount
GetTempFileNameW
MoveFileExW
WaitForMultipleObjects
CreateMutexW
GetLastError
Sleep
OpenProcess
CloseHandle
GetCommandLineW
SetEvent
GetCurrentProcess
TerminateProcess
GetModuleFileNameW
GetLongPathNameW
GetModuleHandleW
LoadLibraryW
VirtualProtect
GetStartupInfoA
user32
LoadStringW
GetForegroundWindow
PostThreadMessageW
MessageBoxW
IsWindowVisible
GetClassNameW
EnumWindows
IsWindow
AllowSetForegroundWindow
FindWindowExW
SetRect
ClientToScreen
SetWindowLongW
InflateRect
DestroyIcon
PostMessageW
SetTimer
BeginPaint
GetDlgItem
GetWindowRect
GetDesktopWindow
MapWindowPoints
GetClientRect
FillRect
EndPaint
SetFocus
SetDlgItemTextW
EndDialog
GetPropW
SetPropW
RemovePropW
DialogBoxParamW
GetWindowLongW
CreateWindowExW
SetWindowPos
SendMessageW
SetWindowTextW
GetWindowTextW
CallWindowProcW
GetKeyboardLayout
GetWindowThreadProcessId
RegisterWindowMessageW
ActivateKeyboardLayout
DefWindowProcW
CreateAcceleratorTableW
WaitForInputIdle
IsDlgButtonChecked
DrawIcon
LoadIconW
CheckDlgButton
ShowWindow
GetAncestor
SetParent
PostQuitMessage
DestroyWindow
keybd_event
MapVirtualKeyW
InSendMessageEx
SetWindowRgn
EndMenu
SetForegroundWindow
AttachThreadInput
IsWindowEnabled
SendMessageTimeoutW
EqualRect
SendMessageCallbackW
ReplyMessage
IsHungAppWindow
wvsprintfW
CharNextW
GetClassInfoExW
SetMessageExtraInfo
GetSystemMenu
LoadBitmapW
CheckMenuRadioItem
GetMessageExtraInfo
GetDoubleClickTime
MenuItemFromPoint
SetMenuInfo
SetRectEmpty
InsertMenuItemW
GetSysColor
GetGUIThreadInfo
SetWindowPlacement
SetActiveWindow
GetMenuState
GetMenuItemID
EnumThreadWindows
IntersectRect
DrawTextW
ReleaseDC
GetFocus
GetDC
InvalidateRect
PtInRect
GetCursorPos
ScreenToClient
SetCursor
LoadCursorW
GetKeyState
DestroyMenu
IsClipboardFormatAvailable
EnableMenuItem
GetSubMenu
LoadMenuW
KillTimer
GetMenu
RedrawWindow
MoveWindow
LoadImageW
AdjustWindowRectEx
MonitorFromRect
RegisterClassExW
UnregisterHotKey
RegisterHotKey
SubtractRect
FindWindowW
MonitorFromPoint
MonitorFromWindow
GetMonitorInfoW
GetClipboardData
GetKeyNameTextW
CharLowerW
SetLayeredWindowAttributes
GetMenuItemRect
GetAsyncKeyState
GetWindowTextLengthW
GetMenuItemInfoW
GetWindow
GetActiveWindow
SetCapture
EnumChildWindows
GetMenuStringW
ReleaseCapture
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
GetDlgItemTextW
CallNextHookEx
SetWindowsHookExW
UnhookWindowsHookEx
RegisterClipboardFormatW
CreatePopupMenu
InsertMenuW
SetMenuItemInfoW
TrackMouseEvent
UpdateWindow
IsChild
CreateDialogIndirectParamW
TrackPopupMenu
TrackPopupMenuEx
LoadStringA
GetWindowDC
GetWindowPlacement
SystemParametersInfoW
IsZoomed
GetParent
GetSystemMetrics
DeleteMenu
RemoveMenu
CheckMenuItem
GetMenuItemCount
PeekMessageW
MsgWaitForMultipleObjects
GetMessageW
TranslateMessage
DispatchMessageW
CharNextA
DrawIconEx
WindowFromPoint
EnableWindow
GetMessagePos
OffsetRect
IsIconic
CopyAcceleratorTableW
DestroyAcceleratorTable
TranslateAcceleratorW
LoadAcceleratorsW
CopyRect
gdi32
FillRgn
CreateRectRgn
RoundRect
SetPixel
CreateRoundRectRgn
CombineRgn
GetTextExtentPoint32W
CreatePolygonRgn
GetTextMetricsW
EnumFontsW
GetDIBits
GetDeviceCaps
GetBitmapBits
SetStretchBltMode
StretchBlt
CreatePen
Rectangle
MoveToEx
LineTo
CreateSolidBrush
SetBitmapBits
CreateRectRgnIndirect
CreateDIBSection
CreateCompatibleDC
CreateCompatibleBitmap
BitBlt
DeleteDC
SelectObject
SetTextColor
DeleteObject
GetObjectW
CreateFontIndirectW
SetBkMode
GetStockObject
advapi32
RegOpenKeyExW
LookupPrivilegeValueW
AdjustTokenPrivileges
RegQueryValueExW
RegSetValueExW
RegCloseKey
RegDeleteKeyW
RegOpenKeyW
RegEnumKeyExW
RegCreateKeyW
GetUserNameW
GetSidSubAuthority
GetSidSubAuthorityCount
GetSidIdentifierAuthority
GetTokenInformation
CopySid
RegSetKeySecurity
RegQueryInfoKeyW
RegEnumKeyW
AllocateAndInitializeSid
GetLengthSid
InitializeAcl
AddAce
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
FreeSid
RegGetKeySecurity
OpenProcessToken
shell32
DragQueryFileW
Shell_NotifyIconW
SHBrowseForFolderW
SHGetPathFromIDListW
SHAppBarMessage
ShellExecuteExW
SHGetFileInfoW
SHGetSpecialFolderLocation
SHGetDesktopFolder
SHGetMalloc
SHFileOperationW
SHGetFolderPathW
SHChangeNotify
ShellExecuteW
ord680
SHGetSpecialFolderPathW
ExtractIconExW
ole32
OleSetContainedObject
CLSIDFromString
OleRun
CLSIDFromProgID
PropVariantClear
OleDuplicateData
DoDragDrop
RegisterDragDrop
ReleaseStgMedium
CoMarshalInterface
GetHGlobalFromStream
OleDraw
OleCreate
OleInitialize
OleUninitialize
CoGetClassObject
CreateStreamOnHGlobal
CoUnmarshalInterface
CoCreateGuid
StringFromCLSID
CoTaskMemFree
CoGetMalloc
CoRegisterClassObject
CoRevokeClassObject
CoInitialize
CoCreateInstance
CoUninitialize
RevokeDragDrop
shlwapi
StrCatW
SHGetValueA
PathIsUNCW
GetMenuPosFromID
StrCmpNW
SHEnumKeyExW
UrlUnescapeW
SHStrDupW
UrlCombineA
StrRetToBufW
PathAppendW
StrRStrIA
StrChrIA
StrCmpIW
PathMatchSpecW
PathIsRootW
UrlEscapeW
StrStrA
PathFindFileNameA
PathFindFileNameW
PathFindExtensionW
PathGetDriveNumberW
SHDeleteValueW
SHDeleteKeyW
StrStrIA
UrlGetPartW
PathIsURLW
PathMatchSpecA
UrlIsOpaqueW
StrCmpNIW
SHGetValueW
PathRemoveFileSpecW
PathFileExistsW
PathIsDirectoryW
PathCombineW
SHSetValueW
StrStrIW
StrStrW
wininet
InternetTimeToSystemTimeA
FindFirstUrlCacheEntryW
DeleteUrlCacheEntryW
UnlockUrlCacheEntryFileW
FindNextUrlCacheEntryW
FindFirstUrlCacheEntryA
DeleteUrlCacheEntryA
UnlockUrlCacheEntryFileA
FindNextUrlCacheEntryA
FindCloseUrlCache
InternetCanonicalizeUrlW
InternetQueryOptionA
InternetSetStatusCallbackA
InternetOpenA
CommitUrlCacheEntryA
CreateUrlCacheEntryA
RetrieveUrlCacheEntryStreamA
UnlockUrlCacheEntryStream
InternetSetCookieW
InternetSetCookieExW
InternetSetCookieA
InternetSetCookieExA
InternetGetCookieExA
HttpAddRequestHeadersA
HttpQueryInfoA
InternetConnectA
GetUrlCacheEntryInfoW
CreateUrlCacheEntryW
CommitUrlCacheEntryW
FtpGetFileSize
HttpQueryInfoW
HttpOpenRequestW
HttpSendRequestExW
InternetOpenW
InternetConnectW
InternetSetOptionA
InternetSetStatusCallbackW
InternetCloseHandle
InternetReadFileExA
InternetReadFile
HttpEndRequestW
FtpOpenFileW
InternetWriteFile
InternetGetLastResponseInfoW
FtpCommandW
InternetQueryOptionW
InternetSetOptionW
InternetCrackUrlW
InternetCrackUrlA
oleaut32
VariantClear
SafeArrayCreateVector
SafeArrayDestroy
SysStringLen
SafeArrayAccessData
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayUnaccessData
SysAllocStringLen
SysAllocString
SysFreeString
msvcp60
?assign@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV12@ABV12@II@Z
?_Grow@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@AAE_NI_N@Z
?_Xlen@std@@YAXXZ
?append@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV12@ABV12@II@Z
?npos@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@2IB
?assign@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV12@PBGI@Z
?append@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV12@PBGI@Z
?_Eos@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@AAEXI@Z
?_Tidy@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@AAEX_N@Z
?_C@?1??_Nullstr@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@CAPBGXZ@4GB
??1_Lockit@std@@QAE@XZ
??0_Lockit@std@@QAE@XZ
?_Eos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXI@Z
?_Grow@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAE_NI_N@Z
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
??Mstd@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
?_Split@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXXZ
?_Xran@std@@YAXXZ
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@ABV01@@Z
??Mstd@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@0@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@PBGABV?$allocator@G@1@@Z
?_Split@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@AAEXXZ
?erase@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV12@II@Z
??Hstd@@YA?AV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@ABV10@0@Z
??Hstd@@YA?AV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@ABV10@PBG@Z
??1?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@XZ
msvcrt
_wcsicmp
iswdigit
wcstok
wcscpy
wcscat
wcsncmp
wcsncpy
wcslen
wcsstr
??2@YAPAXI@Z
_purecall
_snwprintf
__CxxFrameHandler
wcsrchr
time
_beginthreadex
wcsncat
rand
srand
_wtoi
wcschr
_wcsnicmp
_ltow
_except_handler3
wcspbrk
iswalpha
_local_unwind2
sprintf
isalnum
free
malloc
_ftol
_snprintf
fclose
fwrite
_wfopen
isprint
isspace
tolower
_wtol
_ui64tow
_wtoi64
_stricmp
wcscmp
ftell
fseek
fopen
_vsnwprintf
memmove
strstr
mktime
_waccess
localtime
qsort
strncpy
strncmp
_itow
strchr
wcstod
iswspace
strrchr
fputs
_strlwr
strncat
_vsnprintf
swscanf
swprintf
fputws
gmtime
_CIpow
towlower
towupper
_ismbslead
fprintf
_strnicmp
fgets
rewind
_atoi64
realloc
calloc
memset
memcpy
_CxxThrowException
__dllonexit
_onexit
?terminate@@YAXXZ
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
??1type_info@@UAE@XZ
_controlfp
fread
gdiplus
GdipCloneImage
GdipCreateBitmapFromHBITMAP
GdipSaveImageToFile
GdipGetImageEncodersSize
GdipGetImageEncoders
GdipDrawImageRectRectI
GdipSetInterpolationMode
GdipGetImageWidth
GdipGetImageHeight
GdipDisposeImageAttributes
GdipCreateImageAttributes
GdiplusStartup
GdiplusShutdown
GdipCreateSolidFill
GdipAlloc
GdipDeleteGraphics
GdipDeleteFont
GdipDeleteStringFormat
GdipReleaseDC
GdipDrawString
GdipSetStringFormatAlign
GdipCreateStringFormat
GdipGetFontHeight
GdipDeleteFontFamily
GdipCreateFont
GdipCreateFontFamilyFromName
GdipCreateFromHDC
GdipDeleteBrush
GdipCloneBrush
GdipFree
GdipGetGenericFontFamilySansSerif
GdipLoadImageFromStream
GdipDisposeImage
GdipSetImageAttributesColorMatrix
comctl32
ImageList_Create
ImageList_ReplaceIcon
ImageList_Remove
ImageList_Draw
_TrackMouseEvent
ImageList_GetIcon
ImageList_GetImageCount
ImageList_AddMasked
InitCommonControlsEx
ImageList_Duplicate
ImageList_GetIconSize
ImageList_Destroy
Sections
.text Size: 960KB - Virtual size: 959KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 72KB - Virtual size: 70KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 188KB - Virtual size: 719KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.taihang Size: 188KB - Virtual size: 187KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 560KB - Virtual size: 556KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ