ebd187987d3d0b922fba1741bd96312798ef1888816a325766747866ca8d15ca | Triage

Submit
Reports

Overview

overview

Static

static

ebd187987d...ca.exe

windows7-x64

ebd187987d...ca.exe

windows10-2004-x64

5

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

ebd187987d3d0b922fba1741bd96312798ef1888816a325766747866ca8d15ca.exe

Resource

win7-20220812-en

evasion persistence

windows7-x64

14 signatures

150 seconds

Behavioral task

behavioral2

Sample

ebd187987d3d0b922fba1741bd96312798ef1888816a325766747866ca8d15ca.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

2 signatures

150 seconds

General

Target

ebd187987d3d0b922fba1741bd96312798ef1888816a325766747866ca8d15ca
Size

206KB
MD5

635a5aad75a562b40d9cd3e23f61bc77
SHA1

07718f751fc0fac84d01849f25ff38ea1403d1f9
SHA256

ebd187987d3d0b922fba1741bd96312798ef1888816a325766747866ca8d15ca
SHA512

73fb6e3672839a73c79ea3f962f224b3598d476165343bff594dafcf1e8cb2705ddfd2190a66970f38f317b26897cd25ac98f0def07993ec5e5319f8df40074b
SSDEEP

3072:JUdas6F7Oq4W+qWFG/zY//HlIwFlbThSAFP2jfhld03iuRXCpSvFWBMuQVxtt3ZP:xp0GZenU+2jfdkiuBvvF1l5Fg

Score

N/A

Malware Config

Signatures

Files

ebd187987d3d0b922fba1741bd96312798ef1888816a325766747866ca8d15ca
.exe windows x86

df8b8e438d2e2d4ccc3948506c73461c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapAlloc
GetModuleHandleA
GetStartupInfoA
GetModuleHandleW
GetLastError
SetLastError
GetCommandLineA

user32

LoadCursorFromFileA
ScreenToClient
ShowCursor

gdi32

CombineTransform
CancelDC
GetMapMode

winspool.drv

DeviceCapabilitiesW

msvcrt

_adjust_fdiv
_exit
_controlfp
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_XcptFilter
__p__commode
__p__fmode
__set_app_type
_except_handler3

Sections

.text
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 188KB - Virtual size: 184KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 466B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy