dfea0b49c1cfa9fbd0aa168fe740a70d6eab0c40e544e9b105ce8fb3eed795e1 | Triage

Submit
Reports

Overview

overview

Static

static

dfea0b49c1...e1.exe

windows7-x64

dfea0b49c1...e1.exe

windows10-2004-x64

5

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

dfea0b49c1cfa9fbd0aa168fe740a70d6eab0c40e544e9b105ce8fb3eed795e1.exe

Resource

win7-20220812-en

evasion persistence

windows7-x64

16 signatures

150 seconds

Behavioral task

behavioral2

Sample

dfea0b49c1cfa9fbd0aa168fe740a70d6eab0c40e544e9b105ce8fb3eed795e1.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

4 signatures

150 seconds

General

Target

dfea0b49c1cfa9fbd0aa168fe740a70d6eab0c40e544e9b105ce8fb3eed795e1
Size

206KB
MD5

024f08de698b6b7e784214f4fcaa05a4
SHA1

e2ba2fc3ef2b8b97a7ed500633cda58fdd652a93
SHA256

dfea0b49c1cfa9fbd0aa168fe740a70d6eab0c40e544e9b105ce8fb3eed795e1
SHA512

b94e940653076d29c780c2ecb4f4910737404f9f8861b14b254f06069616962f12c7976bcc8bc30f7a04596432988c6db2ac949011e7d92414e2e7672b2c3084
SSDEEP

3072:7YbzUjda2IUFtqEqWDPuA3JXYIBLgU+XCOjBS/9sCQqp6FV2M/MJ4Lo8HecmbCwO:8bQ5Z1tbDPbaQLyl0uPqp6iM/8Oy131

Score

N/A

Malware Config

Signatures

Files

dfea0b49c1cfa9fbd0aa168fe740a70d6eab0c40e544e9b105ce8fb3eed795e1
.exe windows x86

329d38cdd4767be9db3613db28708b6e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVersionExA
ExitProcess
GetModuleHandleA
GetProcAddress
lstrlenA
GetProcessHeap
HeapAlloc
GetVersionExA
HeapFree
FlushFileBuffers
GetConsoleMode
GetConsoleCP
CreateFileA
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
WriteConsoleW
GetVersionExW
GetEnvironmentVariableW
GetTempPathW
GetModuleHandleW
CreateFileW
LoadLibraryExW
SetEvent
CreateThread
CreateProcessW
WaitForSingleObject
GetExitCodeProcess
MoveFileExW
CreateDirectoryW

ole32

CoRegisterMallocSpy
StringFromGUID2
CLSIDFromString

winmm

timeEndPeriod

comdlg32

GetOpenFileNameA

shlwapi

StrStrA

Sections

.text
Size: 143KB - Virtual size: 143KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 61KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 78B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy