bdda3aebc3c132f16b8d0672ad6e6965545f93282f1c35274d74b8b854d10d5c | Triage

Submit
Reports

Overview

overview

Static

static

bdda3aebc3...5c.exe

windows7-x64

3

bdda3aebc3...5c.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

bdda3aebc3c132f16b8d0672ad6e6965545f93282f1c35274d74b8b854d10d5c.exe

Resource

win7-20220812-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral2

Sample

bdda3aebc3c132f16b8d0672ad6e6965545f93282f1c35274d74b8b854d10d5c.exe

Resource

win10v2004-20220901-en

windows10-2004-x64

5 signatures

150 seconds

General

Target

bdda3aebc3c132f16b8d0672ad6e6965545f93282f1c35274d74b8b854d10d5c
Size

551KB
MD5

9c316d6462a09d047bd3cf69e5a03d2f
SHA1

df240e3a7e3af836517e7139fed8db1a2f1b757a
SHA256

bdda3aebc3c132f16b8d0672ad6e6965545f93282f1c35274d74b8b854d10d5c
SHA512

14c2ef4aeadc24fb481618b2527eeafedbc71ff76252d8825bc3027669e5c99b7ee7af775c8bd8904212819ccd7f15c4292a0ffacf02c7f01823cd68bafd95c9
SSDEEP

12288:X6DSAnuRMvSfp+Muq2UnO/Jzqgp2a1hyws6by/xAhnme:X6Dbu1cMNhO/5qgpMtksxEme

Score

N/A

Malware Config

Signatures

Files

bdda3aebc3c132f16b8d0672ad6e6965545f93282f1c35274d74b8b854d10d5c
.exe windows x86

0d58e0d68243504d1aaf58c4f4839a9f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcatW
SetFileTime
VirtualProtect
CopyFileW
GetFileTime
lstrcmpiW
VirtualAlloc
CloseHandle
GetFileSize
GetModuleHandleA
lstrcatA
HeapReAlloc
WideCharToMultiByte
FindResourceW
GetDiskFreeSpaceW
GetFileSizeEx
GetModuleFileNameA

user32

SetThreadDesktop
SetProcessWindowStation
LoadCursorA
GetForegroundWindow
FindWindowExA
SendMessageA
DrawIcon
GetWindowThreadProcessId
CloseWindowStation
ExitWindowsEx
GetDlgItem
OpenDesktopA
GetMessageA
GetCursorPos

advapi32

CryptHashData
CryptCreateHash
CryptAcquireContextW
CryptReleaseContext
RegSetValueExA
RegEnumKeyExA
GetUserNameW
CryptGetHashParam
RegQueryValueExA
RegDeleteValueA
DuplicateTokenEx
RegCloseKey

shlwapi

PathRemoveFileSpecW
PathMatchSpecW
wnsprintfW
SHDeleteKeyA
PathFindFileNameW
PathCombineW
StrCmpNIA
StrCmpNIW
wvnsprintfA
PathFileExistsW
StrStrW

Sections

.text
Size: 59KB - Virtual size: 58KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy