b66dfa720403d2f7a509ecf48ef53d6c4a72f7fc5541cf0925f2f2aa3cc93df8 | Triage

Submit
Reports

Overview

overview

8

Static

static

b66dfa7204...f8.exe

windows7-x64

8

b66dfa7204...f8.exe

windows10-2004-x64

8

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

b66dfa720403d2f7a509ecf48ef53d6c4a72f7fc5541cf0925f2f2aa3cc93df8.exe

Resource

win7-20220812-en

discovery evasion persistence

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

b66dfa720403d2f7a509ecf48ef53d6c4a72f7fc5541cf0925f2f2aa3cc93df8.exe

Resource

win10v2004-20220901-en

discovery evasion persistence

windows10-2004-x64

9 signatures

150 seconds

General

Target

b66dfa720403d2f7a509ecf48ef53d6c4a72f7fc5541cf0925f2f2aa3cc93df8
Size

292KB
MD5

67ab2acdb66745f9e6a5824ca8778766
SHA1

3044326a75643e9f3cc5ffa9c52709c0fe6ed0a5
SHA256

b66dfa720403d2f7a509ecf48ef53d6c4a72f7fc5541cf0925f2f2aa3cc93df8
SHA512

3b3b5ffae9570045182a8bdf6f89f012f528c5c250cad1bb7035f5198f1d95f08db9acc60509044812c718157238a629ecc3ab8f496c911e9b4f96c9f10a1485
SSDEEP

3072:YHIWwolz9opxKoR5HUNDQdcON9QV5i1Zq0Iprtf32g+qW1GntMh:GIWV9opxKZA9QVcU32g+qW1Gn

Score

N/A

Malware Config

Signatures

Files

b66dfa720403d2f7a509ecf48ef53d6c4a72f7fc5541cf0925f2f2aa3cc93df8
.exe windows x86

2903abf1e0a303fe8c793c18c2b588c9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineA
GetGeoInfoW
lstrcpynA
EncodePointer
CompareStringA
GetModuleHandleA
CloseHandle
CreateFileMappingA
WriteConsoleW
GetPrivateProfileIntA
VirtualProtectEx
WaitForSingleObject
LoadLibraryW

dhcpcsvc

DhcpEnumClasses
McastApiCleanup

user32

LoadMenuW
DialogBoxParamA
FlashWindow
LoadIconA
PostMessageW
InsertMenuA
GetPropW
GetMessageW
ShowWindow
IsZoomed
IsDialogMessageW

clbcatq

CoRegCleanup
SetSetupOpen
ComPlusMigrate
DowngradeAPL

Sections

.text
Size: 36KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 216KB - Virtual size: 214KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy