9c197bd3223a27b6b61d8b7dddef4d63c92bd8f5ab998473cd86dd59e1a5bf87 | Triage

Submit
Reports

Overview

overview

8

Static

static

9c197bd322...87.exe

windows7-x64

8

9c197bd322...87.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

9c197bd3223a27b6b61d8b7dddef4d63c92bd8f5ab998473cd86dd59e1a5bf87.exe

Resource

win7-20220812-en

discovery evasion persistence

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

9c197bd3223a27b6b61d8b7dddef4d63c92bd8f5ab998473cd86dd59e1a5bf87.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

9c197bd3223a27b6b61d8b7dddef4d63c92bd8f5ab998473cd86dd59e1a5bf87
Size

252KB
MD5

6d8a51698640f02175b971116a972797
SHA1

d2d83503a3f098554ee12648bbbaaebf7062d888
SHA256

9c197bd3223a27b6b61d8b7dddef4d63c92bd8f5ab998473cd86dd59e1a5bf87
SHA512

f63307a98b6e1df25fdfa7af4d3b4bec59839691682bdb3ad961c71b110f14f2cb1deea96141a262326b0ac439e0417ff601f6ebac264d4755ab76891c167afc
SSDEEP

6144:uuAedD4oDNutfuy0Zc69X/6Oq2PhSGo53K3rl0b4Y+:uuAeJButmyV4SK5SGiSe

Score

N/A

Malware Config

Signatures

Files

9c197bd3223a27b6b61d8b7dddef4d63c92bd8f5ab998473cd86dd59e1a5bf87
.exe windows x86

9c0994b21b9855d673ed021d02ef0249

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

rsaenh

CPGenKey
CPDeriveKey
CPEncrypt
CPCreateHash
CPDecrypt

user32

GetPropW
LoadBitmapA
DispatchMessageW
CreateDesktopW
LoadMenuW
wsprintfA
CharToOemA
IsWindow
DrawStateA
InsertMenuA
DialogBoxParamA

kernel32

VirtualProtect
FormatMessageA
GetLogicalDriveStringsW
GetModuleHandleA
HeapAlloc
GetGeoInfoW
WaitForSingleObject
IsBadStringPtrA
CompareStringA
GetAtomNameA
GetDateFormatW
GetOEMCP
LoadLibraryA
MapViewOfFile

clbcatq

SetSetupSave
SetSetupOpen

Sections

.text
Size: 200KB - Virtual size: 198KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy