51a95058875bb887f9b2cc86ae5f6802e022448913323e8328415fd490b3f598 | Triage

Submit
Reports

Overview

overview

8

Static

static

51a9505887...98.exe

windows7-x64

8

51a9505887...98.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

51a95058875bb887f9b2cc86ae5f6802e022448913323e8328415fd490b3f598.exe

Resource

win7-20220901-en

discovery evasion persistence

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

51a95058875bb887f9b2cc86ae5f6802e022448913323e8328415fd490b3f598.exe

Resource

win10v2004-20220812-en

discovery evasion persistence

windows10-2004-x64

9 signatures

150 seconds

General

Target

51a95058875bb887f9b2cc86ae5f6802e022448913323e8328415fd490b3f598
Size

304KB
MD5

566b0cffaa61127187c317c29f6dfd17
SHA1

5fbd0b77debd368a19865f7354b10526389812fd
SHA256

51a95058875bb887f9b2cc86ae5f6802e022448913323e8328415fd490b3f598
SHA512

696675189078764a2fe28d9f3b65a40d38f2d330c27b618acf3dd9c059d17d93f7ce8d822e7c60c17de136bad47983d98af8783e3baac38031791d450510824e
SSDEEP

6144:DYYiTYY05aaH5eze4XlcTnwguAPGkSTox2D:DYjYHZ8lcEguirx2D

Score

N/A

Malware Config

Signatures

Files

51a95058875bb887f9b2cc86ae5f6802e022448913323e8328415fd490b3f598
.exe windows x86

15e269863892bb5ea5f16b17a42ef7ee

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

IsIconic
FlashWindow
LoadMenuW
GetMessageW
IsDialogMessageW
CharToOemA
DrawStateA
wsprintfA
PeekMessageW
LoadIconA
PostMessageW
DispatchMessageW
GetDlgItemTextW
LoadBitmapA
GetClassLongA
IsZoomed
GetPropW

clbcatq

SetSetupSave
SetSetupOpen
ComPlusMigrate
CoRegCleanup

dhcpcsvc

McastApiCleanup
McastGenUID
McastApiStartup

kernel32

VirtualProtectEx
GetNumberFormatW
HeapAlloc
WaitForSingleObject
GetLogicalDriveStringsW
CreateNamedPipeA
WriteConsoleW
EncodePointer
CompareStringA
GetConsoleAliasW
GetModuleHandleA
FormatMessageA
GetExitCodeProcess
GetFullPathNameW
LoadLibraryW
GetConsoleTitleW

Sections

.text
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 44KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 216KB - Virtual size: 214KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy