3fd59f4023096a3ee29abcbb38035d351e404fc7dd52cd84c023b7c6ee245ca1 | Triage

Submit
Reports

Overview

overview

8

Static

static

3fd59f4023...a1.exe

windows7-x64

8

3fd59f4023...a1.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

3fd59f4023096a3ee29abcbb38035d351e404fc7dd52cd84c023b7c6ee245ca1.exe

Resource

win7-20220901-en

discovery evasion persistence

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

3fd59f4023096a3ee29abcbb38035d351e404fc7dd52cd84c023b7c6ee245ca1.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

3fd59f4023096a3ee29abcbb38035d351e404fc7dd52cd84c023b7c6ee245ca1
Size

248KB
MD5

6bc4c23e6bf864dd2785b374242bcdc5
SHA1

6e51a3408bd6514692ab0ab7da3e225c64f37593
SHA256

3fd59f4023096a3ee29abcbb38035d351e404fc7dd52cd84c023b7c6ee245ca1
SHA512

f5154a063e55b10282545347165101e4c6d2e7d9d1acb40744c7bae3667d09096d63458c99e9b05ea93c73e55d1c87ef260695515dc0c653535efc14717acd70
SSDEEP

3072:r6KVfjq0LDjmNtSDaSIibYZV1q6Rrk1PaGgZspnYBg7KVP2zbsDS6q1:rDVxLP2AUibYXk8HGganYe7AJSZ1

Score

N/A

Malware Config

Signatures

Files

3fd59f4023096a3ee29abcbb38035d351e404fc7dd52cd84c023b7c6ee245ca1
.exe windows x86

a28020287b53d1ce3bbbf54032f823ca

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

IsBadStringPtrA
VirtualProtect
GetCommandLineA
WriteConsoleW
GetConsoleTitleW
GetModuleHandleA
LoadLibraryA
WaitForSingleObject
GetNumberFormatW
GetExitCodeProcess
lstrcpynA
GetDriveTypeA

user32

wsprintfA
LoadMenuW
LoadCursorW
IsWindow
GetClassLongA
GetPropW
GetDlgItemTextW
DispatchMessageW
CreateDesktopW
CharToOemA
DialogBoxParamA
PeekMessageW
LoadIconA
FlashWindow
DrawStateA
GetMessageW
IsZoomed

dhcpcsvc

DhcpEnumClasses
McastApiStartup

shell32

DragFinish
SHBindToParent
SHGetFileInfoA
StrChrA
DllUnregisterServer
SHCreateShellItem
SHGetMalloc
ShellMessageBoxA
DuplicateIcon
DragQueryPoint
ExtractIconA
ShellAboutA

Sections

.text
Size: 200KB - Virtual size: 199KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy