Erbium@[.]exe | Triage

Submit
Reports

Overview

overview

8

Static

static

[email protected]

windows7-x64

8

[email protected]

windows10-1703-x64

8

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

[email protected]

Resource

win7-20220812-de

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral2

Sample

[email protected]

Resource

win10-20220812-de

windows10-1703-x64

2 signatures

150 seconds

General

Target

[email protected]
Size

7KB
MD5

cc6493c1e29188316b0ccbd63043b19d
SHA1

cc4334251b65a608307c219dab86701ac0350f14
SHA256

8ffc66c79d78cc2fd3eeeb15539b25cc40cd0b1a6a1e699b5518d04b0cfdb61c
SHA512

7a450b5d391741ff8e16cd8eb928c237e9598be954aa182096c0b848d8835d6194d33d042c30cfb273bda22c071105e48bb31b29e9e8e4dba5aff6f4d2e8e437
SSDEEP

96:3QTNCZ3DZiESRfPNsn8WXmO8qQuD1oCbyRTq8T8bMW32hWUb:3QcZzURHNejXmO8q7xlbuTX6Q

Score

N/A

Malware Config

Signatures

Files

[email protected]
.exe windows x86

e2cf7e9b7ea276e49dd6f9224087577b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

winhttp

WinHttpOpenRequest
WinHttpReceiveResponse
WinHttpOpen
WinHttpReadData
WinHttpQueryDataAvailable
WinHttpCloseHandle
WinHttpSendRequest
WinHttpConnect

kernel32

CreateRemoteThread
GetProcAddress
LoadLibraryA
GetSystemInfo
MultiByteToWideChar
VirtualAlloc
GetCurrentProcess
VirtualFree

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 120B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy