b827976f26fff27a6a082203c87658b772ee0baf3a0cdcc84ddf440f7daaa26c | Triage

Submit
Reports

Overview

overview

8

Static

static

b827976f26...6c.exe

windows7-x64

8

b827976f26...6c.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

b827976f26fff27a6a082203c87658b772ee0baf3a0cdcc84ddf440f7daaa26c.exe

Resource

win7-20220812-en

discovery evasion persistence

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

b827976f26fff27a6a082203c87658b772ee0baf3a0cdcc84ddf440f7daaa26c.exe

Resource

win10v2004-20220812-en

discovery evasion persistence

windows10-2004-x64

10 signatures

150 seconds

General

Target

b827976f26fff27a6a082203c87658b772ee0baf3a0cdcc84ddf440f7daaa26c
Size

268KB
MD5

646d923d8b79b92aab5605b38c47c543
SHA1

ff213685646db15752367571493fb69d41818894
SHA256

b827976f26fff27a6a082203c87658b772ee0baf3a0cdcc84ddf440f7daaa26c
SHA512

b100637f9f03f46ec8df8a2634e4da21ee168619eb7aff9532e84b09cf9f214ac90aa86635ddd7ed1e7981a2988b14ae34d021ded2b6f9fdf7654ee22fa13ace
SSDEEP

6144:m4Oho1L6xmOTrWvCejj6iIoyPzJ5v1o6KlDnZhQIo:mjGd06aejj5yPzA5ZhLo

Score

N/A

Malware Config

Signatures

Files

b827976f26fff27a6a082203c87658b772ee0baf3a0cdcc84ddf440f7daaa26c
.exe windows x86

f1d7ebeea531d5a3030bf90ba63f35b3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

clbcatq

SetSetupOpen
DowngradeAPL
SetSetupSave

nddeapi

NDdeShareGetInfoA
NDdeShareAddA
NDdeShareDelA
NDdeShareEnumA

user32

LoadCursorW
IsDialogMessageW
LoadIconA
GetClassLongA
IsZoomed
LoadBitmapA
PeekMessageW
InsertMenuA
CreateDesktopW
IsZoomed
DialogBoxParamA
CharToOemA
wsprintfA
PostMessageW
FlashWindow
GetMessageW
DispatchMessageW
GetPropW

kernel32

WriteConsoleW
GetDriveTypeA
VirtualProtectEx
WaitForSingleObject
GetConsoleTitleW
GetFullPathNameW
HeapSize
LoadLibraryW
FormatMessageA
GetModuleHandleA
lstrcpynA
CloseHandle

Sections

.text
Size: 208KB - Virtual size: 207KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 40KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy