104debfc866c8a7ff1a5ee807d58870382118f370fbbb278cad39770b0608b5e | Triage

Submit
Reports

Overview

overview

1

Static

static

104debfc86...5e.exe

windows7-x64

104debfc86...5e.exe

windows10-2004-x64

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

104debfc866c8a7ff1a5ee807d58870382118f370fbbb278cad39770b0608b5e.exe

Resource

win7-20220812-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

104debfc866c8a7ff1a5ee807d58870382118f370fbbb278cad39770b0608b5e.exe

Resource

win10v2004-20220901-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

104debfc866c8a7ff1a5ee807d58870382118f370fbbb278cad39770b0608b5e
Size

160KB
MD5

7c47d19f42b2849aaa05de7b30036a10
SHA1

72fbb8bf339b5ee6bcae7a2280a2c9ac0097f956
SHA256

104debfc866c8a7ff1a5ee807d58870382118f370fbbb278cad39770b0608b5e
SHA512

6132efd716c485097102961058f3ac039aa128a1e842de60de31ba7bc05f411c087e4cb1255eeae0e452708ee3ead95719f35095e04815a22974d927d14646a1
SSDEEP

3072:TZdHgX5JFxiXeOmkogo7ggaelyjJkKIwaTK+:Lebx2Log4ZyjJ5IwaT

Score

N/A

Malware Config

Signatures

Files

104debfc866c8a7ff1a5ee807d58870382118f370fbbb278cad39770b0608b5e
.exe windows x86

6efc2993abfc52138138718cc96309d4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

memcpy
malloc
free
_vsnwprintf
_wtoi
memset
wcschr

ntdll

LdrFindResource_U
LdrAccessResource
RtlCompareMemory
NtQuerySystemInformation
RtlInitUnicodeString
ZwClose
ZwReadFile
ZwWriteFile
ZwOpenFile
ZwDeviceIoControlFile
ZwCreateFile

psapi

GetModuleBaseNameW

kernel32

ExpandEnvironmentStringsW
VirtualAlloc
GlobalAddAtomW
DeleteFileW
GetTickCount
GetVolumeInformationW
VirtualFree
GetVersion
GetWindowsDirectoryW
ExitProcess
GetFileSize
MoveFileExW
GetCurrentProcess
GetModuleHandleW
ReadFile
GetModuleFileNameW
CreateFileW
GetTempPathW
GetLastError
GetProcAddress
CloseHandle
GlobalFindAtomW

user32

wsprintfW

advapi32

RegCreateKeyW
RegCloseKey
RegOpenKeyW

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 138KB - Virtual size: 137KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 374B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy