2e9cb049584302979f9d6b937319cff0587eef68f04132d571bdf1db0f3fd950 | Triage

Submit
Reports

Overview

overview

7

Static

static

2e9cb04958...50.exe

windows7-x64

7

2e9cb04958...50.exe

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

2e9cb049584302979f9d6b937319cff0587eef68f04132d571bdf1db0f3fd950.exe

Resource

win7-20220812-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral2

Sample

2e9cb049584302979f9d6b937319cff0587eef68f04132d571bdf1db0f3fd950.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

2e9cb049584302979f9d6b937319cff0587eef68f04132d571bdf1db0f3fd950
Size

16KB
MD5

1b9495d1149b0d6db875d5d6f12e5219
SHA1

287a30d23b2c5b4999565954045c9b93209ae70c
SHA256

2e9cb049584302979f9d6b937319cff0587eef68f04132d571bdf1db0f3fd950
SHA512

fa6ea3cbfdd0b49e24f9b9ed46029e30742c9fe6d5c8df87a62565d7a419dcca082549d96c0409d089bc59714d805171ef09f6c74c953a61ca3ff95fbc1276ce
SSDEEP

384:6/LEPSIE8KIop9fhokJl/EmtpfMexS6UEQy4qobtjiKJIWD1TJRd17:bSHRIwhok5T/gHbNiwIWDRxJ

Score

N/A

Malware Config

Signatures

Files

2e9cb049584302979f9d6b937319cff0587eef68f04132d571bdf1db0f3fd950
.exe windows x86

9008f19b60b55a27eb724312a884597e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeleteFileA
WinExec
lstrlenA
lstrcatA
GetProcAddress
GetModuleHandleA
GetEnvironmentVariableA
IsBadReadPtr
OpenProcess
Process32Next
Process32First
CreateToolhelp32Snapshot
GetCurrentProcess
CreateThread
Sleep
CopyFileA
lstrcpyA
DeleteFileW
ExpandEnvironmentStringsA
LoadLibraryA
lstrlenW
VirtualFreeEx
CreateDirectoryA
GetSystemDirectoryA
lstrcpyW
lstrcatW
MultiByteToWideChar
GetVersionExA
GetModuleFileNameA
CreateFileMappingA
MapViewOfFile
SetLastError
UnmapViewOfFile
GetFileSize
SetFilePointer
ReadFile
LocalAlloc
CloseHandle
LocalFree
VirtualFree
VirtualAlloc

user32

CharUpperA
MessageBoxA

imagehlp

CheckSumMappedFile

ntdll

NtSetSystemInformation
RtlInitUnicodeString
NtCreateFile
NtDeleteFile
RtlUnwind

psapi

EnumProcessModules
GetModuleBaseNameA

Sections

.text
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy