367fabb5225011b89f1f2dd7af10358e3ffa10e86d54b5dd9e683dcba44b2c97 | Triage

Submit
Reports

Overview

overview

8

Static

static

367fabb522...97.exe

windows7-x64

8

367fabb522...97.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

367fabb5225011b89f1f2dd7af10358e3ffa10e86d54b5dd9e683dcba44b2c97.exe

Resource

win7-20220812-en

discovery evasion persistence

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

367fabb5225011b89f1f2dd7af10358e3ffa10e86d54b5dd9e683dcba44b2c97.exe

Resource

win10v2004-20220812-en

discovery evasion persistence

windows10-2004-x64

10 signatures

150 seconds

General

Target

367fabb5225011b89f1f2dd7af10358e3ffa10e86d54b5dd9e683dcba44b2c97
Size

284KB
MD5

5ca19edb685bbb210b90f01728984ec7
SHA1

29fa22de35bd56abbe442a0b72e196f0529c4059
SHA256

367fabb5225011b89f1f2dd7af10358e3ffa10e86d54b5dd9e683dcba44b2c97
SHA512

f687cd4df846c1996acc99c8e6282658d5578688d0987e703e0d9c5f1619f9f6784b6dc45fe524a0a576a69e8d0dd1030cbb6db118d33dceadcb0cb01bfbe392
SSDEEP

3072:US9mKOmZ4ri4C4IjEflCde0RCQZm8XFxkJU/M9If2KJG/SjRDhgq79afPIxZGDdi:US9gm34IjRnsQZm8X/kmU2JiamB9ZSn

Score

N/A

Malware Config

Signatures

Files

367fabb5225011b89f1f2dd7af10358e3ffa10e86d54b5dd9e683dcba44b2c97
.exe windows x86

14c7474164f3652a58d5e3d0f4d985b8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

ShellAboutA
DllUnregisterServer
SHBindToParent
SHGetDataFromIDListA
SHChangeNotify
SHGetDesktopFolder
SHCreateShellItem
SHFree
ExtractIconA
DragFinish
DuplicateIcon
DragQueryPoint
SHGetMalloc
StrChrA
DragAcceptFiles
ShellMessageBoxA
FindExecutableA

dhcpcsvc

McastApiStartup
McastApiCleanup
McastGenUID
DhcpEnumClasses

kernel32

GetPrivateProfileIntA
CreateFileMappingA
WaitForSingleObject
GetNumberFormatW
HeapSize
LoadLibraryW
VirtualProtectEx
GetDriveTypeA
GetAtomNameA
CompareStringA
GetModuleHandleA
MapViewOfFile
GetLogicalDriveStringsW
GetExitCodeProcess
GetDateFormatW

user32

IsDialogMessageW
PeekMessageW
LoadIconA
IsIconic
LoadBitmapA
CharToOemA
FlashWindow
PostMessageW
GetPropW
wsprintfA
GetDlgItemTextW

Sections

.text
Size: 232KB - Virtual size: 231KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy