0ad0c45dd711010fa099a7b9c477ba7077aa6a246bbbaba166e1d88dc3496743 | Triage

Submit
Reports

Overview

overview

8

Static

static

0ad0c45dd7...43.exe

windows7-x64

8

0ad0c45dd7...43.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

0ad0c45dd711010fa099a7b9c477ba7077aa6a246bbbaba166e1d88dc3496743.exe

Resource

win7-20220901-en

discovery evasion persistence

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

0ad0c45dd711010fa099a7b9c477ba7077aa6a246bbbaba166e1d88dc3496743.exe

Resource

win10v2004-20220901-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

0ad0c45dd711010fa099a7b9c477ba7077aa6a246bbbaba166e1d88dc3496743
Size

248KB
MD5

924e559aded1e1f8266d27753a12757b
SHA1

fc618cc6f8bcd779d97e431b4a19852599554a31
SHA256

0ad0c45dd711010fa099a7b9c477ba7077aa6a246bbbaba166e1d88dc3496743
SHA512

098069e82e54362cd97c9583c082af658740c4badfc3862014f4cbf852689c304e1b2627d1205e284a94147fde3fe3e6f64ab087b38355fa3aef8bf70e6c1567
SSDEEP

3072:00P0AKcIRNS5+yR4oN200rTW0n2OBhH/mmI5u2qKg4B1pjPP:DP0L3D3ok0q2OBFu55J/15PP

Score

N/A

Malware Config

Signatures

Files

0ad0c45dd711010fa099a7b9c477ba7077aa6a246bbbaba166e1d88dc3496743
.exe windows x86

5d27c9503c4e8c2360fabded72d7bfa3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetConsoleTitleW
ReadConsoleA
CompareStringA
EncodePointer
GetCurrentProcess
CloseHandle
CreateNamedPipeA
WaitForSingleObject
GetAtomNameA
WriteConsoleW
LoadLibraryA
GetModuleHandleA
GetTimeFormatW
VirtualProtect
GetConsoleAliasA
GetCommandLineA

rsaenh

CPCreateHash
CPGenKey
CPDeriveKey
CPDecrypt
CPEncrypt

user32

DialogBoxParamA
IsZoomed
IsWindow
PeekMessageW
DrawStateA
wsprintfA
LoadMenuW
PostMessageW
DispatchMessageW
GetDlgItemTextW
FlashWindow
CreateDesktopW
LoadIconA
LoadCursorW
GetMessageW
InsertMenuA
CharToOemA
IsDialogMessageW

wtsapi32

WTSVirtualChannelOpen
WTSSendMessageA
WTSVirtualChannelClose
WTSSetUserConfigW
WTSSetSessionInformationW
WTSEnumerateServersA
WTSEnumerateProcessesA
WTSLogoffSession
WTSQueryUserToken
WTSEnumerateSessionsW
WTSRegisterSessionNotification
WTSWaitSystemEvent

Sections

.text
Size: 200KB - Virtual size: 199KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy