c6fab8ef6048cb108ce728757729d84e1004083aafdb8a7267122c74ae1a51e8 | Triage

Submit
Reports

Overview

overview

8

Static

static

c6fab8ef60...e8.exe

windows7-x64

8

c6fab8ef60...e8.exe

windows10-2004-x64

1

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

c6fab8ef6048cb108ce728757729d84e1004083aafdb8a7267122c74ae1a51e8.exe

Resource

win7-20220901-en

persistence upx

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

c6fab8ef6048cb108ce728757729d84e1004083aafdb8a7267122c74ae1a51e8.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

c6fab8ef6048cb108ce728757729d84e1004083aafdb8a7267122c74ae1a51e8
Size

310KB
MD5

a63b1862b90a27343604b88a34b5871b
SHA1

88e11471b1c24cc295513272b24890f69c4eb712
SHA256

c6fab8ef6048cb108ce728757729d84e1004083aafdb8a7267122c74ae1a51e8
SHA512

2539026c89a2a0c8eafdc86725d2a59ce59c64fa97b54d04ee5eda12118f9bfbde97efc028187611c228d42a747ddd92cd1d979cdb617a9b3a9d81dc91fb0af0
SSDEEP

6144:JlT4RgdWWEyKaIUhu71Wk/u8QN/rAL01a9mM6WAUep5UauhNehxO:jTp1EbUQRWkW9N/rAIEwMjDQUaNi

Score

N/A

Malware Config

Signatures

Files

c6fab8ef6048cb108ce728757729d84e1004083aafdb8a7267122c74ae1a51e8
.exe windows x86

891523e3633d58caf4c8dfcb86d95246

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStdHandle
GetDriveTypeA
CloseHandle
GetLocaleInfoA
HeapCreate
RaiseException
LoadLibraryExA
GlobalDeleteAtom
SetErrorMode
GlobalAddAtomA
Sleep
EnterCriticalSection
GlobalUnlock
VirtualProtect
SetConsoleOutputCP
LockResource
GetLastError
FileTimeToLocalFileTime
InterlockedExchange
GetACP
GlobalFree

user32

IsIconic
SetForegroundWindow
ClipCursor
ReleaseDC
GetParent
GetMenuItemInfoA
GetClassNameA
DrawTextA
ShowWindow
GetActiveWindow
GetWindow
BeginPaint
EndPaint
GetCursorPos
GetWindowTextA
ValidateRect
GetFocus
DrawEdge
OemToCharW

wtsapi32

WTSCloseServer
WTSFreeMemory
WTSOpenServerA
WTSQueryUserToken
WTSLogoffSession

netapi32

DsRoleCancel

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 696KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy