d70dc973008d30a68908c68976d1f9c1d61fa93e6b351ba7ff007af8690a089f_unpacked | Triage

Submit
Reports

Overview

overview

7

Static

static

d70dc97300...ed.exe

windows7-x64

6

d70dc97300...ed.exe

windows10-2004-x64

7

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

d70dc973008d30a68908c68976d1f9c1d61fa93e6b351ba7ff007af8690a089f_unpacked.exe

Resource

win7-20220812-en

windows7-x64

5 signatures

600 seconds

Behavioral task

behavioral2

Sample

d70dc973008d30a68908c68976d1f9c1d61fa93e6b351ba7ff007af8690a089f_unpacked.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

7 signatures

600 seconds

General

Target

d70dc973008d30a68908c68976d1f9c1d61fa93e6b351ba7ff007af8690a089f_unpacked
Size

56KB
MD5

d61d15b12d8235a7c3e8bf5ebfb041c0
SHA1

e2cfe9efb037ecebefc39ff5597e37abaee7c255
SHA256

391aeaf795c1d5a5762d1415b8ebc4b86236e932bbc2611bf90f2323f9ebcc14
SHA512

c7541569f1f3445ae12e8ff6f2700a24a518916026c14d121f5e80a78233f57bfadc19465ce24816155d70390b7f4210bca5596cf15673a25b76d3aacff82fbf
SSDEEP

768:3IMunQp/xBiNY1Y6BC4bzZXEp+MstVReRO0O7ry3fz6cOxpCyugKpBo3oAd1p+q:3PtMGSK9/xZeRORk1OxqBox9+q

Score

N/A

Malware Config

Signatures

Files

d70dc973008d30a68908c68976d1f9c1d61fa93e6b351ba7ff007af8690a089f_unpacked
.exe windows x86

8615941bba86be8343bc45cc324e6fc2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntdll

NtQueryVirtualMemory
RtlUnwind
sprintf

kernel32

GetCurrentProcess
OutputDebugStringA
LocalFree
TerminateProcess
GetCommandLineW
GetTickCount
IsDebuggerPresent
GetStartupInfoW
Sleep
ExitProcess
SetUnhandledExceptionFilter

user32

GetClientRect
DefWindowProcA
FillRect
EndPaint
GetActiveWindow
BeginPaint
DestroyWindow
SetMenu
AppendMenuA
CreatePopupMenu
CreateMenu
CreateWindowExA
RegisterClassExA
LoadImageA
GetSystemMetrics
LoadCursorA
LoadIconA
UpdateWindow
ShowWindow
GetMessageA
TranslateMessage
DispatchMessageA
MessageBoxA
PostQuitMessage

gdi32

TextOutA
SelectClipRgn
BeginPath
PathToRegion
EndPath
GetStockObject

shell32

CommandLineToArgvW

Sections

.text
Size: 47KB - Virtual size: 47KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy