ef45551a36f701e9e34efb83fb6bf5b5a67574d6275e56b3ccabc9de111844fe | Triage

Submit
Reports

Overview

overview

8

Static

static

ef45551a36...fe.exe

windows7-x64

8

ef45551a36...fe.exe

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

ef45551a36f701e9e34efb83fb6bf5b5a67574d6275e56b3ccabc9de111844fe.exe

Resource

win7-20220901-en

discovery persistence upx

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral2

Sample

ef45551a36f701e9e34efb83fb6bf5b5a67574d6275e56b3ccabc9de111844fe.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

ef45551a36f701e9e34efb83fb6bf5b5a67574d6275e56b3ccabc9de111844fe
Size

749KB
MD5

67e8cdab372cd53888a10e6885c3eb86
SHA1

ce8601d62b7a2c7a396de069511b4b7e779d50b0
SHA256

ef45551a36f701e9e34efb83fb6bf5b5a67574d6275e56b3ccabc9de111844fe
SHA512

537f9170e27e180a3d252fbf45cadc88685e905ff547800c0d737585e9a19ea8a86ba58655b15e33132073d650bfa850f979565bec2c84a84c37b56caee13219
SSDEEP

12288:rzDuTGNZ5r5L9UaVxWVHsAv93IRa4iT3m49sXmtCqXaxAdoqAt0rXAYhH/Gtzmrv:rz5v5F9JVxWGA1qa4iC4sXmYqXaxKAml

Score

N/A

Malware Config

Signatures

Files

ef45551a36f701e9e34efb83fb6bf5b5a67574d6275e56b3ccabc9de111844fe
.exe windows x86

6201b1592ec042a010802656dd00f80e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
RemoveDirectoryA
WriteFile
GetFileType
HeapCreate
GetModuleFileNameA
ResumeThread
GetVersion
RemoveDirectoryA
SetVolumeLabelA
CreatePipe
CloseHandle
CreateDirectoryA
SuspendThread
CreateSemaphoreW
IsBadWritePtr
SetStdHandle
ExitThread
FindClose
GetDriveTypeA
CreateThread
FindAtomA
SetLastError
HeapFree
GetCommandLineA

uxtheme

DrawThemeBackground
CloseThemeData
GetWindowTheme
GetThemeColor
OpenThemeData
IsThemeActive
CloseThemeData
GetThemeTextMetrics
GetThemeTextExtent
GetThemeSysSize
SetWindowTheme
DrawThemeEdge
GetThemeBool

olesvr32

OleRevokeServer
OleRevokeServer
OleRevokeServer
OleRevokeServer

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 741KB - Virtual size: 740KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy