957f898d085658c688636ce41acc2b586ef53e9efe09a2a136acee1296de5f4a | Triage

Submit
Reports

Overview

overview

1

Static

static

957f898d08...4a.exe

windows7-x64

1

957f898d08...4a.exe

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

957f898d085658c688636ce41acc2b586ef53e9efe09a2a136acee1296de5f4a.exe

Resource

win7-20220812-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

957f898d085658c688636ce41acc2b586ef53e9efe09a2a136acee1296de5f4a.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

957f898d085658c688636ce41acc2b586ef53e9efe09a2a136acee1296de5f4a
Size

54KB
MD5

a0138077e11f3dde84914985c0b4ecb7
SHA1

59a5e120af8dc667cca331f68291f728ec99be77
SHA256

957f898d085658c688636ce41acc2b586ef53e9efe09a2a136acee1296de5f4a
SHA512

3c1c03702f9cd3a03424cb52eca2c850ffe2e62968b3cde4fc5534e2e807a8526bfd1448d844f41064377156a9dfab8ddadbc63eb9b34b2612290460eacd9466
SSDEEP

1536:DpTU0xcxepuS0GHjv9Nj8eaEwwgK7hRJ6iaMxS29N9Z:9U0xXZ0GHT9N4I1r6ia8S2d

Score

N/A

Malware Config

Signatures

Files

957f898d085658c688636ce41acc2b586ef53e9efe09a2a136acee1296de5f4a
.exe windows x86

54065974dceb0e65d6d4ff29bc8499e8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

spiceworks

ruby_sysinit
ruby_init_stack
ruby_init
ruby_options
ruby_run_node

msvcr90

_initterm_e
_configthreadlocale
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
_initterm
__set_app_type
?terminate@@YAXXZ
_unlock
__dllonexit
_lock
_onexit
_decode_pointer
_except_handler4_common
_invoke_watson
_controlfp_s
_crt_debugger_hook
__initenv
exit
_XcptFilter
_exit
_cexit
__getmainargs
_amsg_exit
_encode_pointer

kernel32

IsDebuggerPresent
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
SetUnhandledExceptionFilter
InterlockedCompareExchange
Sleep
InterlockedExchange
GetCurrentProcessId

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 908B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 48KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy