636399e761ced1a73f1a884d884c6add8dcd9bfbfaa4c1842c96caddb1f675e9 | Triage

Submit
Reports

Overview

overview

1

Static

static

636399e761...e9.exe

windows7-x64

1

636399e761...e9.exe

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

636399e761ced1a73f1a884d884c6add8dcd9bfbfaa4c1842c96caddb1f675e9.exe

Resource

win7-20220812-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral2

Sample

636399e761ced1a73f1a884d884c6add8dcd9bfbfaa4c1842c96caddb1f675e9.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

3 signatures

150 seconds

General

Target

636399e761ced1a73f1a884d884c6add8dcd9bfbfaa4c1842c96caddb1f675e9
Size

14KB
MD5

a198c9f78519510e8d67ab696ca8c5c0
SHA1

52a2132096a3071c77bfc62aefaa1d6114d82441
SHA256

636399e761ced1a73f1a884d884c6add8dcd9bfbfaa4c1842c96caddb1f675e9
SHA512

cf86aff752b2e4942951cef1d2161ca66221fecea233a88b538cc358936c751b1c943b855d124461bdda4cdfb8bbe47de26aaba984840def4bc9a844ade12c5a
SSDEEP

192:/eF5VTxHHijmGbRwyhkWoLMKrVmIVMmNKYlUFKrq8RpmgJ6rsF+LkkC/:/8lxHCjxbRwyhJo9RPMmZrNRLsI

Score

N/A

Malware Config

Signatures

Files

636399e761ced1a73f1a884d884c6add8dcd9bfbfaa4c1842c96caddb1f675e9
.exe windows x86

79a1f75fc60ca904e7658c54ca86ea02

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapAlloc
GetProcessHeap
GetFileInformationByHandle
CreateFileA
lstrcatA
GetSystemDirectoryA
GetProcAddress
LocalFree
ReadFile
IsBadReadPtr
GetVersionExA
lstrlenA
LoadLibraryA
GetVolumeInformationA
GetWindowsDirectoryA
OpenProcess
HeapFree
GetModuleHandleA
VirtualAllocEx
WriteProcessMemory
CreateRemoteThread
CreateToolhelp32Snapshot
Process32First
lstrcmpiA
Process32Next
GetCurrentProcess
CloseHandle
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
RtlUnwind

advapi32

RegEnumKeyExA
RegQueryValueExA
RegCloseKey
GetSecurityInfo
GetUserNameA
SetEntriesInAclA
SetSecurityInfo
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegOpenKeyExA

ws2_32

inet_addr
socket
WSAStartup
WSACleanup
htons
connect
send
closesocket

urlmon

URLDownloadToFileA

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 176B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy