b6ef120b25ae719b9e976633c3c9a0681cb6ef3525431dacdadaa6e96d2f03eb | Triage

Submit
Reports

Overview

overview

1

Static

static

b6ef120b25...eb.exe

windows7-x64

1

b6ef120b25...eb.exe

windows10-2004-x64

1

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

b6ef120b25ae719b9e976633c3c9a0681cb6ef3525431dacdadaa6e96d2f03eb.exe

Resource

win7-20220812-en

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral2

Sample

b6ef120b25ae719b9e976633c3c9a0681cb6ef3525431dacdadaa6e96d2f03eb.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

3 signatures

150 seconds

General

Target

b6ef120b25ae719b9e976633c3c9a0681cb6ef3525431dacdadaa6e96d2f03eb
Size

36KB
MD5

756cb08d0c957cd2678c8d315e8e3cb0
SHA1

8c2eccf942d31f67c843590609f14e1ed96827ee
SHA256

b6ef120b25ae719b9e976633c3c9a0681cb6ef3525431dacdadaa6e96d2f03eb
SHA512

34d8f83a83caebfe7d4ac14c4f7d44c27e511ee22cd47a723ef1758758fdc6babfb5d60eb3305a721e2fe0a29f30a32871e82b5cc26f85aa25be1ffa96be8bb4
SSDEEP

384:fASqF00ZNMxa1C92CglFDjqri9OaIypz2R0Dot:PS0U67QtVIIK+Dot

Score

N/A

Malware Config

Signatures

Files

b6ef120b25ae719b9e976633c3c9a0681cb6ef3525431dacdadaa6e96d2f03eb
.exe windows x86

43825bcb41830c0a04f421ff16452880

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualFreeEx
WaitForSingleObject
CreateRemoteThread
GetProcAddress
GetModuleHandleA
CreateToolhelp32Snapshot
VirtualAllocEx
OpenProcess
GetLastError
GetCurrentProcess
Process32First
Process32Next
WriteProcessMemory
CloseHandle
RtlUnwind
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
HeapFree
WriteFile
GetCPInfo
GetACP
GetOEMCP
HeapAlloc
VirtualAlloc
HeapReAlloc
LoadLibraryA
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW

advapi32

OpenProcessToken
AdjustTokenPrivileges
LookupPrivilegeValueA

Sections

.text
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2024

Terms | Privacy