9c6870a1b212d6ea35be70c3763d87e2ad50ab3fd6fbeab64c3ad8ceb162ffe0 | Triage

Submit
Reports

Overview

overview

9

Static

static

9c6870a1b2...e0.exe

windows7-x64

9

9c6870a1b2...e0.exe

windows10-2004-x64

9

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

9c6870a1b212d6ea35be70c3763d87e2ad50ab3fd6fbeab64c3ad8ceb162ffe0.exe

Resource

win7-20220812-en

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral2

Sample

9c6870a1b212d6ea35be70c3763d87e2ad50ab3fd6fbeab64c3ad8ceb162ffe0.exe

Resource

win10v2004-20220812-en

evasion persistence

windows10-2004-x64

5 signatures

150 seconds

General

Target

9c6870a1b212d6ea35be70c3763d87e2ad50ab3fd6fbeab64c3ad8ceb162ffe0
Size

515KB
MD5

4f90a48f0775208f75d104f8cc4cf8b0
SHA1

c5f8ea748cfd82d0087d724d42e8c4c18c69f367
SHA256

9c6870a1b212d6ea35be70c3763d87e2ad50ab3fd6fbeab64c3ad8ceb162ffe0
SHA512

be7437cc167912eae2d6e8b80719306a414238ec1c224a50c42b30efcabe96ebd351be1d8ecf2164ace1af96c0ae924c38cb527324c4de53d939b3a6f7a9efce
SSDEEP

12288:JdxYtVrDwXMNQB0O1zBnc3qp4t1Ntt9Ls/4SVjy:Jru8XTmOFp4bhlsby

Score

N/A

Malware Config

Signatures

Files

9c6870a1b212d6ea35be70c3763d87e2ad50ab3fd6fbeab64c3ad8ceb162ffe0
.exe windows x86

126c117b1481d79167d9d9b969b427a4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

tapi32

lineBlindTransferW
lineConfigDialogW
lineDrop
lineGetAddressCapsA
lineNegotiateAPIVersion
lineClose
lineGetCountryW
lineOpen

advapi32

WmiDevInstToInstanceNameW
LsaICLookupSids
GetAclInformation
RevertToSelf
RegNotifyChangeKeyValue

kernel32

lstrcmpiA
CloseProfileUserMapping
FoldStringW
GetNamedPipeHandleStateA
GetSystemWindowsDirectoryA
OpenMutexW
VirtualAlloc
PulseEvent
FindAtomW
FreeLibrary
lstrlenW

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: 466KB - Virtual size: 695KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 39KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 92B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy