29258e9a323a5c753e010b6fa9a244fc456cd7d06cbd763b098eee09af47e7f6 | Triage

Submit
Reports

Overview

overview

Static

static

29258e9a32...f6.exe

windows7-x64

29258e9a32...f6.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

29258e9a323a5c753e010b6fa9a244fc456cd7d06cbd763b098eee09af47e7f6.exe

Resource

win7-20220812-en

evasion persistence

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

29258e9a323a5c753e010b6fa9a244fc456cd7d06cbd763b098eee09af47e7f6.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

7 signatures

150 seconds

General

Target

29258e9a323a5c753e010b6fa9a244fc456cd7d06cbd763b098eee09af47e7f6
Size

173KB
MD5

0e53a1618e8ae51258faab2676ff53e1
SHA1

8541492c061f74595cbb3fbd3d6a69a61163e32e
SHA256

29258e9a323a5c753e010b6fa9a244fc456cd7d06cbd763b098eee09af47e7f6
SHA512

3c1c91a386e5d30c14ef1b327925b742e0c794caa6f5256f767aaa5e34b52453852186e7adaaf4e645f5e3c37e19c135f4b535c536b5a428f73ea483fad2c77c
SSDEEP

3072:rra5SUwr+clBPJMaSgjyP3qcP9/Fg/duz3aq1xzoQGWuCwQZv6GN3qXY6Oe91c/:HTKclpJMaSgu/qcPgdmaq/eWuCwQZv6e

Score

N/A

Malware Config

Signatures

Files

29258e9a323a5c753e010b6fa9a244fc456cd7d06cbd763b098eee09af47e7f6
.exe windows x86

5af3db5ec6f1dccb224c74c4095641ef

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

DrawTextExW
SetRect
ShowWindow
SetCursorPos
SetWindowTextA
LoadIconA
GetDC
IsWindowEnabled
RegisterWindowMessageA
GetScrollPos
GetKeyboardType
SendNotifyMessageW

shlwapi

PathAddExtensionA

kernel32

CreateWaitableTimerA
HeapUnlock
lstrcpynW
SetFilePointer
lstrcmpA
OpenSemaphoreW
CreateEventW

Exports

Exports

_ExitWindowsExExitWindowsEx@0

Sections

.text
Size: 155KB - Virtual size: 154KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy