d0bf4766379a50855e14b735a9df93c4df72336762bed31b6e8430f3a0e9a905 | Triage

Submit
Reports

Overview

overview

8

Static

static

d0bf476637...05.exe

windows7-x64

8

d0bf476637...05.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

d0bf4766379a50855e14b735a9df93c4df72336762bed31b6e8430f3a0e9a905.exe

Resource

win7-20220812-en

discovery persistence upx

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral2

Sample

d0bf4766379a50855e14b735a9df93c4df72336762bed31b6e8430f3a0e9a905.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

2 signatures

150 seconds

General

Target

d0bf4766379a50855e14b735a9df93c4df72336762bed31b6e8430f3a0e9a905
Size

746KB
MD5

005e32ee13e09a3469e11d69f493be6e
SHA1

e71dda0addc98164c0d29c5cd89c393f755e0846
SHA256

d0bf4766379a50855e14b735a9df93c4df72336762bed31b6e8430f3a0e9a905
SHA512

746837095c87d9b704f75e5376009df3088a8f4d59d40cc3dbc4f1ff89def0f005a1bede3a3fa4aff2514a69a2d069cd94b6aeaf5af3db1bfde5600c1842a11c
SSDEEP

12288:WqI+5125Tu2YK/TC3meMEKe7jqnzcotrdGGvW0+m4sAANxm3bnSDg:Lf25yhwT2mfzHtrwbANK

Score

N/A

Malware Config

Signatures

Files

d0bf4766379a50855e14b735a9df93c4df72336762bed31b6e8430f3a0e9a905
.exe windows x86

17f8241faae451193abdb4eca7f67fa8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindVolumeClose
GetDriveTypeA
WaitForMultipleObjects
ReadFile
GlobalLock
GetCommandLineW
FindClose
GetFileAttributesA
HeapCreate
GetModuleHandleA
GetCommandLineA
lstrlenA
GetCurrentDirectoryW
ExitThread
SetFileAttributesW
MapViewOfFile
FindVolumeClose
EnterCriticalSection
LocalSize
HeapFree
CloseHandle
GetEnvironmentVariableW
GetFileType
GetFileTime
IsBadReadPtr

uxtheme

GetThemeBool
GetThemeColor
OpenThemeData
CloseThemeData
GetThemeTextExtent
DrawThemeBackground
GetThemeTextMetrics
IsThemeActive
DrawThemeEdge
CloseThemeData
GetWindowTheme
SetWindowTheme
GetThemeEnumValue

dmocx

DllCanUnloadNow
DllCanUnloadNow
DllCanUnloadNow
DllCanUnloadNow

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 738KB - Virtual size: 738KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy