2b2ebfffa2a2088425d70e33b6807a08f279452ce6c330b37466e4e549b44b37 | Triage

Submit
Reports

Overview

overview

8

Static

static

2b2ebfffa2...37.exe

windows7-x64

8

2b2ebfffa2...37.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

2b2ebfffa2a2088425d70e33b6807a08f279452ce6c330b37466e4e549b44b37.exe

Resource

win7-20220901-en

discovery evasion persistence

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

2b2ebfffa2a2088425d70e33b6807a08f279452ce6c330b37466e4e549b44b37.exe

Resource

win10v2004-20220812-en

discovery evasion persistence

windows10-2004-x64

10 signatures

150 seconds

General

Target

2b2ebfffa2a2088425d70e33b6807a08f279452ce6c330b37466e4e549b44b37
Size

268KB
MD5

814678656050e584535efb715c1d86fb
SHA1

aa589206c76a2c0b50d27fb5fedd5774accc420f
SHA256

2b2ebfffa2a2088425d70e33b6807a08f279452ce6c330b37466e4e549b44b37
SHA512

1015fde15b6ea568f77abd6e896db1e6d4919388d490226bb376ca67c98d269cae178c28c1bb09b606d66a876c4cd943ae0ee4e6f3417f150c61a7e7283d4277
SSDEEP

3072:YtUmcvTaZMvSuf+QQfbPyiKwlSiYyJnfDsTrzKpR6RsciQnzeUnEWKtv0tvKaato:cbZDBfEwlLYsgTrzK/6RfiMeISvo2

Score

N/A

Malware Config

Signatures

Files

2b2ebfffa2a2088425d70e33b6807a08f279452ce6c330b37466e4e549b44b37
.exe windows x86

4e1ab4eececf204edc683c60aafd1d74

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

IsZoomed
LoadBitmapA
DispatchMessageW
InsertMenuA
PeekMessageW
PostMessageW
DialogBoxParamA
GetClassLongA
IsZoomed
IsDialogMessageW
FlashWindow
LoadMenuW

shell32

ExtractIconA
DragQueryPoint
SHFree
DllUnregisterServer
SHGetFileInfoA
DragQueryFileA
DuplicateIcon
SHGetMalloc
SHGetDesktopFolder
SHBindToParent

wtsapi32

WTSRegisterSessionNotification
WTSVirtualChannelQuery
WTSSetSessionInformationW
WTSLogoffSession
WTSSendMessageA
WTSEnumerateSessionsW
WTSUnRegisterSessionNotification
WTSEnumerateProcessesA
WTSSetUserConfigW
WTSVirtualChannelOpen

kernel32

lstrcpynA
VirtualProtectEx
HeapAlloc
GetConsoleTitleW
FormatMessageA
WriteConsoleW
GetModuleHandleA
MapViewOfFile
GetLogicalDriveStringsW
LoadLibraryW
WaitForSingleObject
CreateNamedPipeA

Sections

.text
Size: 208KB - Virtual size: 207KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 40KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy