6b1e4990e7cc858fd7976d9aa73ea38b323884d0f5e3b92fb87fd8ff1182d9ff | Triage

Submit
Reports

Overview

overview

3

Static

static

6b1e4990e7...ff.exe

windows7-x64

3

6b1e4990e7...ff.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

6b1e4990e7cc858fd7976d9aa73ea38b323884d0f5e3b92fb87fd8ff1182d9ff.exe

Resource

win7-20220812-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral2

Sample

6b1e4990e7cc858fd7976d9aa73ea38b323884d0f5e3b92fb87fd8ff1182d9ff.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

6b1e4990e7cc858fd7976d9aa73ea38b323884d0f5e3b92fb87fd8ff1182d9ff
Size

224KB
MD5

eabcf78e7528f3e9712d921c6150bbd4
SHA1

d1b91651fff56df73804bfe17576f1e8dcf5c210
SHA256

6b1e4990e7cc858fd7976d9aa73ea38b323884d0f5e3b92fb87fd8ff1182d9ff
SHA512

b10c1d926d163232db8a6db77e10bfa1800cce719532e97fb1ff06fcd5a6aa75a934095b839d16837f89dcaabf71034da7fa9656e10c614870ede5d36e8f82e3
SSDEEP

6144:rO/zKgMBE83EbiWWL5OLK//c0TWxyAyRNyEar1BFgPU86Km+jGn3xfhy:rO/zKgMBE83EbiWWl5//c0TWxyAyRwEQ

Score

N/A

Malware Config

Signatures

Files

6b1e4990e7cc858fd7976d9aa73ea38b323884d0f5e3b92fb87fd8ff1182d9ff
.exe windows x86

5e03930c01df52da863fa50dda2814f6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntdll

NtClose
NtDeviceIoControlFile
NtOpenFile
NtQueryBootEntryOrder
NtQueryInformationFile
NtReadFile
NtSetBootEntryOrder
NtSetInformationFile
NtWriteFile
RtlAdjustPrivilege
RtlCreateUnicodeString
RtlFreeUnicodeString
NtAddBootEntry
VerSetConditionMask

user32

DefWindowProcA
DestroyWindow
DispatchMessageA
GetWindowLongA
CharLowerA
CharToOemA
MsgWaitForMultipleObjects
PeekMessageA
PostMessageA
CharUpperA
RegisterClassA
SetWindowLongA
TranslateMessage
UnregisterClassA
wsprintfA
wsprintfW
CreateWindowExA

Sections

.text
Size: 156KB - Virtual size: 155KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy