0f7cdb59a211ef1fd846d0f90cd95c2b3344bd42a71019b3cea2ea3b0ef4409e | Triage

Submit
Reports

Overview

overview

Static

static

0f7cdb59a2...9e.exe

windows7-x64

0f7cdb59a2...9e.exe

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

0f7cdb59a211ef1fd846d0f90cd95c2b3344bd42a71019b3cea2ea3b0ef4409e.exe

Resource

win7-20220812-en

evasion persistence

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

0f7cdb59a211ef1fd846d0f90cd95c2b3344bd42a71019b3cea2ea3b0ef4409e.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

0f7cdb59a211ef1fd846d0f90cd95c2b3344bd42a71019b3cea2ea3b0ef4409e
Size

180KB
MD5

0a2ec664e1057b1d71e1ced9a5499626
SHA1

963cad0d8c7b06911ead37fb453fe9480a2f48b3
SHA256

0f7cdb59a211ef1fd846d0f90cd95c2b3344bd42a71019b3cea2ea3b0ef4409e
SHA512

42cb2262f6d6511c5e73bf3b696baa15d24a3b3cd8a2dafaacd867967ba43cb1a28303e1ce5b51b0f854c434d469a999f3c3a7f8902096f3b4fd5b336c80d3c5
SSDEEP

3072:1y4rCSCJvE06teMuv4hxfdgPW04ODQOPcqyedpCgXlfmC+HVO4AK:179w6Q4hxaPVQOPL2YfeH0c

Score

N/A

Malware Config

Signatures

Files

0f7cdb59a211ef1fd846d0f90cd95c2b3344bd42a71019b3cea2ea3b0ef4409e
.exe windows x86

2ff61a222c007b4a5a25e5ad691d062f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_BYTES_REVERSED_HI

Imports

gdi32

DeleteObject
SelectObject
StretchBlt
DeleteDC
Rectangle

user32

CharLowerW
CharNextW
GetKeyState
GetTopWindow
wsprintfA
wsprintfW
CharUpperW
MessageBoxW

kernel32

GetVersionExA
SetEnvironmentVariableA
CompareStringW
CompareStringA
lstrlenW
HeapAlloc
GetProcessHeap
HeapReAlloc
HeapFree
IsValidLocale
GlobalGetAtomNameW
GlobalDeleteAtom
SystemTimeToTzSpecificLocalTime
RaiseException
InitializeCriticalSectionAndSpinCount
WideCharToMultiByte
GetStringTypeExW
MulDiv
Sleep
GetTickCount
GetCurrentThreadId
LocalAlloc
LocalFree
GetLastError

shell32

ord201
SHGetFolderPathA

oleaut32

DispGetIDsOfNames
CreateErrorInfo
SafeArrayGetLBound
SafeArrayAllocDescriptorEx
SysReAllocStringLen
OleLoadPicture

Sections

.text
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 101KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy