855b2a6702094bc3df314d428e49326472053fd1d1eba41d6f9dea2b4ff0fea6 | Triage

Submit
Reports

Overview

overview

1

Static

static

855b2a6702...a6.exe

windows7-x64

1

855b2a6702...a6.exe

windows10-2004-x64

1

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

855b2a6702094bc3df314d428e49326472053fd1d1eba41d6f9dea2b4ff0fea6.exe

Resource

win7-20220812-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

855b2a6702094bc3df314d428e49326472053fd1d1eba41d6f9dea2b4ff0fea6.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

855b2a6702094bc3df314d428e49326472053fd1d1eba41d6f9dea2b4ff0fea6
Size

308KB
MD5

7a35fa9664e09600455b880c2dc0c9c1
SHA1

3190317119d40922ed64520c8714d68fd2580be1
SHA256

855b2a6702094bc3df314d428e49326472053fd1d1eba41d6f9dea2b4ff0fea6
SHA512

22a3e9c0fe2019c8fe637b5b1f1890def6885003db7f50e7ab2dde2bc6d5c727acf1c5800119da9ea85dff75f91210a1a95696b354b793dbb2265bf45a61521a
SSDEEP

6144:Q2aZ4X5XNJM2LIsU6UeTc1dLfXgWyWVKEQzRiEqAqlxMyQu:QA5XN62kgQ1dL4WhVIRVoa0

Score

N/A

Malware Config

Signatures

Files

855b2a6702094bc3df314d428e49326472053fd1d1eba41d6f9dea2b4ff0fea6
.exe windows x86

c0f141eb7b851494b07bd712977e0a51

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpyW
GetDiskFreeSpaceW
GetPrivateProfileIntA
WaitForSingleObject
GetModuleHandleW
GetPrivateProfileIntA
InterlockedIncrement
GetCurrentDirectoryA
HeapCreate
GetExitCodeProcess
ReadFileEx
lstrcmpA
GetLongPathNameA
InterlockedDecrement
SetEnvironmentVariableA
LoadLibraryA
GetStringTypeW
GetLogicalDrives
GetDiskFreeSpaceW
Heap32First
GetPrivateProfileSectionA
Sleep
FindResourceW

apphelp

AllowPermLayer
SdbCreateMsiTransformFile
ApphelpCheckIME
ApphelpCheckExe

clbcatq

DllGetClassObject
SetupOpen
ComPlusMigrate
DllGetClassObject
CheckMemoryGates
CheckMemoryGates
SetSetupSave
SetupOpen
ComPlusMigrate
SetSetupSave
CheckMemoryGates
SetupOpen
ComPlusMigrate

version

VerFindFileA

Sections

.text
Size: 1024B - Virtual size: 896B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 304KB - Virtual size: 308KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2024

Terms | Privacy