b49eaf05afbac8aa8af72d23219fb4cad3a8074cc4c13c36085cbb6fc4b12e44 | Triage

Submit
Reports

Overview

overview

8

Static

static

b49eaf05af...44.exe

windows7-x64

8

b49eaf05af...44.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

b49eaf05afbac8aa8af72d23219fb4cad3a8074cc4c13c36085cbb6fc4b12e44.exe

Resource

win7-20220812-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral2

Sample

b49eaf05afbac8aa8af72d23219fb4cad3a8074cc4c13c36085cbb6fc4b12e44.exe

Resource

win10v2004-20220901-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

b49eaf05afbac8aa8af72d23219fb4cad3a8074cc4c13c36085cbb6fc4b12e44
Size

25KB
MD5

41b88227193a64d7b25b61d44f842ad4
SHA1

632245aed83de6a068938a00e00dc1e9db0e48bf
SHA256

b49eaf05afbac8aa8af72d23219fb4cad3a8074cc4c13c36085cbb6fc4b12e44
SHA512

ace6fa0088755f7a30b4b81e2123617d96a3bb9314155fe29df645ed60ec626f360930ae5eb37552ee2a132b39ed67111eaf0d0cb9c73c48e57bbc3921dc83af
SSDEEP

384:FSkc9Ighlo5EYzvqYo2g47ECbv65lIbRGgID1SdPr0Y1:AkCzhlomYzvqYo28WvalIb0gIDclrT1

Score

N/A

Malware Config

Signatures

Files

b49eaf05afbac8aa8af72d23219fb4cad3a8074cc4c13c36085cbb6fc4b12e44
.exe windows x86

2e8b2fec49a25e3d69956811fd6d3b27

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

ntshrui

GetLocalPathFromNetResourceA
IsPathSharedW
GetNetResourceFromLocalPathA

shell32

SHGetMalloc
SHGetDesktopFolder
SHGetDataFromIDListA
SHChangeNotify
StrChrA
DragQueryFileA
SHCreateShellItem
ShellAboutA
DragFinish
ShellMessageBoxA
DragQueryPoint
FindExecutableA

msasn1

ASN1BERDecNull
ASN1BERDecBool
ASN1BERDecCharString
ASN1BERDecEoid
ASN1BERDecCheck

kernel32

SetCurrentDirectoryA
GetEnvironmentVariableA
QueryDosDeviceA
MoveFileA
VirtualProtectEx
DeviceIoControl
CreateSemaphoreA
LoadLibraryA
FindResourceA
IsBadStringPtrA
IsBadWritePtr
GetAtomNameA
VirtualQueryEx
GetProcAddress
SetFileAttributesA
lstrcmpA
GetPrivateProfileSectionA
DecodeSystemPointer
GetModuleFileNameA

Sections

.code
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy