682bf43c9e0edd40a191c7a7707c3f9839cba5e9e282a19fb3d35eaeca6e0185 | Triage

Submit
Reports

Overview

overview

8

Static

static

682bf43c9e...85.exe

windows7-x64

8

682bf43c9e...85.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

682bf43c9e0edd40a191c7a7707c3f9839cba5e9e282a19fb3d35eaeca6e0185.exe

Resource

win7-20220812-en

discovery evasion persistence

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

682bf43c9e0edd40a191c7a7707c3f9839cba5e9e282a19fb3d35eaeca6e0185.exe

Resource

win10v2004-20220812-en

discovery evasion persistence

windows10-2004-x64

9 signatures

150 seconds

General

Target

682bf43c9e0edd40a191c7a7707c3f9839cba5e9e282a19fb3d35eaeca6e0185
Size

228KB
MD5

a1ff3b94d96fcffbfe8f6a46a8b6b05c
SHA1

52803745ea0ef47deb8fb80da86ed54180304547
SHA256

682bf43c9e0edd40a191c7a7707c3f9839cba5e9e282a19fb3d35eaeca6e0185
SHA512

85991ca6aa3d7f725088c627ba7bdc1ceb4c2decd78128448cafe87ad769cc6d859e1523e50439ea559436d327d325f8f20341164ad7b7ded4d6029a856a8f78
SSDEEP

6144:AMfQPU7uatVHLtEusJtsaNE5+5D/0IG9Ktu2a:ACQPU7SumsTW0IG9Ktu

Score

N/A

Malware Config

Signatures

Files

682bf43c9e0edd40a191c7a7707c3f9839cba5e9e282a19fb3d35eaeca6e0185
.exe windows x86

5fd1a00a78833927b25f8309ce4f9327

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

LoadCursorA
GetDlgItemTextW
CharToOemA
CreateDesktopW
DispatchMessageW
FindWindowExA
FlashWindow
PeekMessageW
IsDialogMessageW
PostMessageW
wsprintfA
LoadIconA
GetClassLongA
DrawStateA
LoadBitmapA

wtsapi32

WTSVirtualChannelRead
WTSSetUserConfigW
WTSVirtualChannelQuery
WTSVirtualChannelWrite
WTSEnumerateProcessesA
WTSQuerySessionInformationA
WTSEnumerateSessionsW
WTSWaitSystemEvent
WTSEnumerateServersA
WTSFreeMemory

kernel32

FormatMessageA
VirtualProtect
GetConsoleAliasA
GetModuleHandleA
CompareStringA
Sleep
GetLogicalDriveStringsW
lstrcpynA
GetCurrentDirectoryA
GetOEMCP
HeapAlloc
GetCommandLineA
LoadLibraryA
GetDriveTypeA
GetFullPathNameW
GetAtomNameA

Sections

.text
Size: 184KB - Virtual size: 183KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy