1b572e8768bbeae468764834f692275c937099e4abe448c1a7dfb656823cb5b4 | Triage

Submit
Reports

Overview

overview

7

Static

static

1b572e8768...b4.exe

windows7-x64

7

1b572e8768...b4.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

1b572e8768bbeae468764834f692275c937099e4abe448c1a7dfb656823cb5b4.exe

Resource

win7-20220812-en

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

1b572e8768bbeae468764834f692275c937099e4abe448c1a7dfb656823cb5b4.exe

Resource

win10v2004-20220901-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

1b572e8768bbeae468764834f692275c937099e4abe448c1a7dfb656823cb5b4
Size

205KB
MD5

63cd807dba10cde0817bf3e2c5ae2539
SHA1

4bb8f105b4d97e290e0bd4de55487268760a87fc
SHA256

1b572e8768bbeae468764834f692275c937099e4abe448c1a7dfb656823cb5b4
SHA512

bba630b404cea68fe2ef61ce4a56daa471620f252aeb2c2cf41f4b50aa4b97554837aafa0d2cacbe3826eb1a82fff07a289caf99ab10e96a58a221b9193d472d
SSDEEP

6144:kGD+6d9aYmfow2ezDsqZ7FObYuYHeAbelbfTo:kGi6raYNwbhTVZHeAw

Score

N/A

Malware Config

Signatures

Files

1b572e8768bbeae468764834f692275c937099e4abe448c1a7dfb656823cb5b4
.exe windows x86

63a8c84097faf85cc900270e02e14fe3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

GetBkMode
GetTextColor
GetObjectA
GetBkColor

kernel32

GlobalFindAtomA
InitializeCriticalSection
VirtualAllocEx
LoadLibraryA
HeapAlloc
GlobalDeleteAtom

user32

GetCapture
GetWindowLongW
GetMenu
GetWindowDC
GetDesktopWindow

ole32

CoDisconnectObject
CoGetMalloc
WriteClassStm
CoRevokeClassObject
CoUnmarshalInterface
StgCreateDocfileOnILockBytes
CoReleaseMarshalData
CoRegisterClassObject
CreateStreamOnHGlobal
OleRegGetUserType

Exports

Exports

_ambS2wfg
_9g5mQh2jO@24
_JSsKecH21aXsV
lrR23c8h_jCYn
VR8hS_EwF
_0Aa84RTUE

Sections

.text
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 189KB - Virtual size: 189KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy