d5cd15a15a3f30e5db4af58d00a7424a82cd4287cc4d8e8cc40ca2d19c9ca7ad | Triage

Submit
Reports

Overview

overview

1

Static

static

d5cd15a15a...ad.exe

windows7-x64

1

d5cd15a15a...ad.exe

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

d5cd15a15a3f30e5db4af58d00a7424a82cd4287cc4d8e8cc40ca2d19c9ca7ad.exe

Resource

win7-20220812-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

d5cd15a15a3f30e5db4af58d00a7424a82cd4287cc4d8e8cc40ca2d19c9ca7ad.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

d5cd15a15a3f30e5db4af58d00a7424a82cd4287cc4d8e8cc40ca2d19c9ca7ad
Size

508KB
MD5

4684571e2cf0dbba840973ca8928f7c0
SHA1

748513be716e76a74c20cc2e074aae68fabd430e
SHA256

d5cd15a15a3f30e5db4af58d00a7424a82cd4287cc4d8e8cc40ca2d19c9ca7ad
SHA512

8015080f301c8edb6b64caa5a74b0ea54bd1f295e816b07c098e6a66c58b1f8c9f195cdca4c79045167dfad9937a5f9d27d6a6a7ca380c6ca1a423f928a06966
SSDEEP

12288:NrQdI9F8fOX+w6OZFYykISjYDm/cheqcjhpC2g/Ip6n9Q:NrQdIXPX+7OPrEj23hVcjh/g/I6u

Score

N/A

Malware Config

Signatures

Files

d5cd15a15a3f30e5db4af58d00a7424a82cd4287cc4d8e8cc40ca2d19c9ca7ad
.exe windows x86

54065974dceb0e65d6d4ff29bc8499e8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

spiceworks

ruby_sysinit
ruby_init_stack
ruby_init
ruby_options
ruby_run_node

msvcr90

_initterm_e
_configthreadlocale
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
_initterm
__set_app_type
?terminate@@YAXXZ
_unlock
__dllonexit
_lock
_onexit
_decode_pointer
_except_handler4_common
_invoke_watson
_controlfp_s
_crt_debugger_hook
__initenv
exit
_XcptFilter
_exit
_cexit
__getmainargs
_amsg_exit
_encode_pointer

kernel32

IsDebuggerPresent
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
SetUnhandledExceptionFilter
InterlockedCompareExchange
Sleep
InterlockedExchange
GetCurrentProcessId

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 908B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vmp0
Size: 500KB - Virtual size: 1.6MB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy