ebbb3442c1cc91a3340405734c1e1e1e7d0bada08f2edb658f3a42a5f6f3628c | Triage

Submit
Reports

Overview

overview

8

Static

static

ebbb3442c1...8c.exe

windows7-x64

8

ebbb3442c1...8c.exe

windows10-2004-x64

8

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

ebbb3442c1cc91a3340405734c1e1e1e7d0bada08f2edb658f3a42a5f6f3628c.exe

Resource

win7-20220812-en

discovery persistence

windows7-x64

13 signatures

150 seconds

Behavioral task

behavioral2

Sample

ebbb3442c1cc91a3340405734c1e1e1e7d0bada08f2edb658f3a42a5f6f3628c.exe

Resource

win10v2004-20220812-en

discovery persistence

windows10-2004-x64

8 signatures

150 seconds

General

Target

ebbb3442c1cc91a3340405734c1e1e1e7d0bada08f2edb658f3a42a5f6f3628c
Size

400KB
MD5

704b0994a4a60f8ff46f4dc8f7759d10
SHA1

b3464806fdcab43262e78328187481891af8ef11
SHA256

ebbb3442c1cc91a3340405734c1e1e1e7d0bada08f2edb658f3a42a5f6f3628c
SHA512

a7a0921279bcfa0f7c41c375a3a9a5204c95c61561854163a5f35b54f083e6c5fe01d989a0dc33344b02e9221d2513ba49a90d78dc659c271380cb9b4c7c755f
SSDEEP

6144:4gco2dBEJvtTPsYrcyQJgPTc3Tv7zK367AVh:4gWdBEJvt/LZ7Q7uqcVh

Score

N/A

Malware Config

Signatures

Files

ebbb3442c1cc91a3340405734c1e1e1e7d0bada08f2edb658f3a42a5f6f3628c
.exe windows x86

a1b81e0593b9bd5765e948fec54267db

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Sleep
VirtualAlloc
CloseHandle
CreateEventW
FlushFileBuffers
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetACP
GetCPInfo
GetEnvironmentStrings
GetEnvironmentStringsW
GetFileType
GetLastError
GetLocaleInfoA
GetModuleFileNameA
GetModuleHandleA
GetOEMCP
GetProcessHeap
GetStdHandle
GetStringTypeA
GetStringTypeW
GetCommandLineW
HeapAlloc
HeapCreate
HeapDestroy
HeapFree
InterlockedExchange
InterlockedIncrement
LCMapStringA
LCMapStringW
LoadLibraryA
LoadLibraryExA
MultiByteToWideChar
ResetEvent
RtlUnwind
SetFilePointer
SetHandleCount
SetStdHandle
VirtualFree
VirtualProtect
VirtualQuery
WaitForMultipleObjects
WideCharToMultiByte
GetSystemInfo
CreateFileW

user32

LoadIconA
LoadCursorA

advapi32

RegOpenKeyW

Sections

.text
Size: 324KB - Virtual size: 323KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

2
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy