56f9d8e9d38d9a8b979c12f036fbf45531e445b3ef768c1576aa81fe988171e3 | Triage

Submit
Reports

Overview

overview

8

Static

static

56f9d8e9d3...e3.exe

windows7-x64

8

56f9d8e9d3...e3.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

56f9d8e9d38d9a8b979c12f036fbf45531e445b3ef768c1576aa81fe988171e3.exe

Resource

win7-20220812-en

discovery evasion persistence

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

56f9d8e9d38d9a8b979c12f036fbf45531e445b3ef768c1576aa81fe988171e3.exe

Resource

win10v2004-20220812-en

discovery evasion persistence

windows10-2004-x64

10 signatures

150 seconds

General

Target

56f9d8e9d38d9a8b979c12f036fbf45531e445b3ef768c1576aa81fe988171e3
Size

272KB
MD5

4330dfeddd10efc67470b5c9cf0c7185
SHA1

7ac605d7534a8496efc93745dc36486160e92b4d
SHA256

56f9d8e9d38d9a8b979c12f036fbf45531e445b3ef768c1576aa81fe988171e3
SHA512

fd7b5a593af7b352dae21ced0b27a702628451c3bb19b3f0875d93033062d2db68bd0418961fab2f01f47551b33b38cd1f52d603962925e7ef6356e2c217add9
SSDEEP

6144:1L7DNJ8OvLovy40GAWEQHt2NoTxquXFL7BZLQ77hggg:1L7DN2OsD0GA/QHt2upXFL7nLQ77hggg

Score

N/A

Malware Config

Signatures

Files

56f9d8e9d38d9a8b979c12f036fbf45531e445b3ef768c1576aa81fe988171e3
.exe windows x86

b9708ab310fe875530ff4798a1236f9d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

IsZoomed
GetClassLongA
IsMenu
DrawStateA
PostMessageW
DialogBoxParamA
LoadIconA
CreateDesktopW
GetMessageW
PeekMessageW
IsDialogMessageW
LoadMenuW
InsertMenuA
CharToOemA
FlashWindow

kernel32

CloseHandle
GetNumberFormatW
WaitForSingleObject
LoadLibraryW
FormatMessageA
GetModuleHandleA
VirtualProtectEx
MapViewOfFile
GetFullPathNameW
GetCommandLineA
GetCurrentProcess
EncodePointer

untfs

FormatEx
Format
Extend
Chkdsk
Recover

dhcpcsvc

DhcpEnumClasses
McastApiCleanup

Sections

.text
Size: 208KB - Virtual size: 207KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 44KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy