4de15ac45a5e12908f6a82f1a59278473cce893e320272a8660c3981d71db3fa | Triage

Submit
Reports

Overview

overview

9

Static

static

Rechnung 1...bH.exe

windows7-x64

9

Rechnung 1...bH.exe

windows10-2004-x64

9

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

Rechnung 18.08.2015 - Abrechnung Directpay GmbH.exe

Resource

win7-20220812-en

evasion persistence upx

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

Rechnung 18.08.2015 - Abrechnung Directpay GmbH.exe

Resource

win10v2004-20220812-en

evasion persistence upx

windows10-2004-x64

8 signatures

150 seconds

General

Target

4de15ac45a5e12908f6a82f1a59278473cce893e320272a8660c3981d71db3fa
Size

88KB
MD5

e9b36039b4e8bc1f8ca550b7b0a247b9
SHA1

aa70dc43d90d6f861186ec422327316f640009b6
SHA256

4de15ac45a5e12908f6a82f1a59278473cce893e320272a8660c3981d71db3fa
SHA512

3a338ea35ff15b58522a8990f2a99df9a76d526c901ea30271692dead83468e497cb6006b0e0b7c8628b50e531cd336d2892c6f0a06c0a7be7b1ad7bb1acbbe5
SSDEEP

1536:QnJRpm0QmwWAeyLUsPGnDG9yI6byNmCGmEYsf7qHv77BT1lsGQhprWXF:QDY0FAfUaAylBm3Ysf67F1WWF

Score

N/A

Malware Config

Signatures

Files

4de15ac45a5e12908f6a82f1a59278473cce893e320272a8660c3981d71db3fa
.zip
Rechnung 18.08.2015 - Abrechnung Directpay GmbH.com
.exe windows x86

1fac9ced3a104d22eb0b13a0eb6f43c0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msimg32

GradientFill
AlphaBlend

kernel32

SearchPathW
GetLocaleInfoW
GetModuleHandleA
lstrcpyA
CreateDirectoryW
InitializeCriticalSection
GetCurrentDirectoryA
GetLocalTime
WaitForSingleObjectEx
GetStringTypeA
GetLastError
GetLogicalDriveStringsA
GetProcAddress
GetCurrentProcess
GetOEMCP
CompareStringW
GetCommandLineW
DeleteFileA
GetShortPathNameA
GetACP
FormatMessageA

user32

MessageBoxA
CreateDesktopA
LoadBitmapW
OemToCharA
EnumDesktopsA
DefDlgProcW
LoadImageW
SendMessageA
InsertMenuA
EndDialog
EnumWindows
FindWindowW

Sections

.text
Size: 44KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1010B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 192KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 64KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy