bd20a38cf4b3c160d6a9196600d5537985c615e365190da99d4f2ec6788e48f7 | Triage

Submit
Reports

Overview

overview

7

Static

static

bd20a38cf4...f7.exe

windows7-x64

7

bd20a38cf4...f7.exe

windows10-2004-x64

7

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

bd20a38cf4b3c160d6a9196600d5537985c615e365190da99d4f2ec6788e48f7.exe

Resource

win7-20220812-en

adware discovery stealer

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

bd20a38cf4b3c160d6a9196600d5537985c615e365190da99d4f2ec6788e48f7.exe

Resource

win10v2004-20220812-en

adware discovery stealer

windows10-2004-x64

8 signatures

150 seconds

General

Target

bd20a38cf4b3c160d6a9196600d5537985c615e365190da99d4f2ec6788e48f7
Size

36KB
MD5

933b4213300a7a93c317954b09f4e17e
SHA1

2aa38c56e92a99345251f71cf470ef5f4938def9
SHA256

bd20a38cf4b3c160d6a9196600d5537985c615e365190da99d4f2ec6788e48f7
SHA512

5742c6f366e12b4a9c2f244b62709abaf2b8ebd8ed3b3334faba75fa4631257cf42bd4a514c3ff0f2e19dd6a0eeba70d8a677c471d166d1a4d9dd7091836a624
SSDEEP

768:GRcetMCMx3EY9KP5mP3KASn6kSEB3bNzIkLyrSG7Q:hicPEhmPn85NDLyrx7Q

Score

N/A

Malware Config

Signatures

Files

bd20a38cf4b3c160d6a9196600d5537985c615e365190da99d4f2ec6788e48f7
.exe windows x86

2f2667c5c559e33607cef55c6306e96e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
GetModuleHandleA
GetCommandLineA
lstrlenA
FreeResource
CloseHandle
WriteFile
LockResource
CreateFileA
SizeofResource
LoadResource
FindResourceA
DeleteFileA
CreateDirectoryA
SetFilePointer
ReadFile
SetCurrentDirectoryA
MoveFileExA
Sleep
lstrcpyA
HeapFree
GetProcessHeap
HeapAlloc

user32

wsprintfA

advapi32

RegSetValueExA
RegOpenKeyA
RegCreateKeyA
RegCloseKey

shell32

ShellExecuteA
SHGetSpecialFolderPathA

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy