44900d907785e6eab71a08753cfc21f11658fe01c4535f75d1dd366b64defa59 | Triage

Submit
Reports

Overview

overview

8

Static

static

44900d9077...59.exe

windows7-x64

8

44900d9077...59.exe

windows10-2004-x64

3

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

44900d907785e6eab71a08753cfc21f11658fe01c4535f75d1dd366b64defa59.exe

Resource

win7-20220901-en

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

44900d907785e6eab71a08753cfc21f11658fe01c4535f75d1dd366b64defa59.exe

Resource

win10v2004-20220901-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

44900d907785e6eab71a08753cfc21f11658fe01c4535f75d1dd366b64defa59
Size

305KB
MD5

a11c8b82f008c0170f71445cd85ac740
SHA1

9660b1325b9a33680d921d00c45aa9fa42c3cb48
SHA256

44900d907785e6eab71a08753cfc21f11658fe01c4535f75d1dd366b64defa59
SHA512

38906b54df6b54e2740fa8c450240e6c8fa2c3f7a27b9d5cf8ce4b85c1dfe16455b8489fc69c7907c4f25497abcff5f01019f1671a410e1625cfa697090c1d91
SSDEEP

3072:XvVQD8/32kHMel6XewWpTGcIdmxX8XbBVtosPKCwt6ufdcp0qKFyD0u+W+CyDGH5:/Q8/32X1ywmxsNKC0hdvFyIuQSynx+r

Score

N/A

Malware Config

Signatures

Files

44900d907785e6eab71a08753cfc21f11658fe01c4535f75d1dd366b64defa59
.exe windows x86

1e9c50b105820794942ec4105e09cfc7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

FindClose
TlsGetValue
SetPriorityClass
GetTickCount
GetExitCodeThread
HeapFree
IsValidCodePage
LocalLock
FindResourceW
GetCurrentProcess
GetFileAttributesW
SuspendThread
CreateEventA
GetLocaleInfoW
SetLastError
GetModuleHandleA
GetFileAttributesW
GetStringTypeA
RemoveDirectoryW
CreateDirectoryW
VirtualProtectEx

advapi32

CreateProcessAsUserA
IsValidSid
RegDeleteValueA
IsValidSecurityDescriptor
RegCreateKeyExW
CreateServiceW
RegQueryValueW
IsTextUnicode
InitializeSid
RegEnumKeyA
ControlService
IsValidAcl
ClearEventLogW

msctf

DllUnregisterServer
DllUnregisterServer
TF_InitSystem
DllCanUnloadNow

uxtheme

CloseThemeData

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 295KB - Virtual size: 295KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.import
Size: 512B - Virtual size: 484B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2024

Terms | Privacy