2854f4d1680f950af08694f95aa5e4d6f70134a6d5ba53fc9bf9c26c45ce432d | Triage

Submit
Reports

Overview

overview

8

Static

static

2854f4d168...2d.exe

windows7-x64

8

2854f4d168...2d.exe

windows10-2004-x64

8

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

2854f4d1680f950af08694f95aa5e4d6f70134a6d5ba53fc9bf9c26c45ce432d.exe

Resource

win7-20220812-en

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

2854f4d1680f950af08694f95aa5e4d6f70134a6d5ba53fc9bf9c26c45ce432d.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

6 signatures

150 seconds

General

Target

2854f4d1680f950af08694f95aa5e4d6f70134a6d5ba53fc9bf9c26c45ce432d
Size

455KB
MD5

96ebda2f695dd39914e8c59510b311e0
SHA1

cef88f2190124c514a7eab5b2c270cae1e61fcbc
SHA256

2854f4d1680f950af08694f95aa5e4d6f70134a6d5ba53fc9bf9c26c45ce432d
SHA512

4fcca9f8070ad1672c4be25f196ffa6d161906b638c74caed3ab8856132f1c7cfef32f325fa324f58c59379bce21b483286e6561f673ead1763545c66f17e35a
SSDEEP

12288:Fkx2/vK8yrOYF6SCryrqrF6Dv+VyfezUq6aorzaFxcA:FQ2/vbLYF6SCrfF6/O6ao6YA

Score

N/A

Malware Config

Signatures

Files

2854f4d1680f950af08694f95aa5e4d6f70134a6d5ba53fc9bf9c26c45ce432d
.exe windows x86

4ddcc4197947620d5cc23603bcdefb79

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MoveFileExA
HeapFree
WriteFile
DeleteFileA
Sleep
ReadFile
HeapAlloc
GetProcessHeap
GetFileSize
GetTickCount
lstrlenA
ExitProcess
lstrcatA
lstrcpyA
CopyFileA
GetTempPathA
GetModuleFileNameA
GetCommandLineA
GetCurrentThreadId
CloseHandle
CreateFileA
CreateProcessA
RtlUnwind

user32

wsprintfA
GetMessageA
PostThreadMessageA
GetInputState

shlwapi

StrStrIA
StrRChrA

Exports

Exports

AXBAZ7HT
GMZOD11F
LUD6C8KX
N4PODLHB
Z9NXU28Q

Sections

.IKNFT2G
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy