158b18765b1eccd89be3ea272c9e71e7928ab6264cca57138b84e5e2ea985e70 | Triage

Submit
Reports

Overview

overview

8

Static

static

158b18765b...70.exe

windows7-x64

8

158b18765b...70.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

158b18765b1eccd89be3ea272c9e71e7928ab6264cca57138b84e5e2ea985e70.exe

Resource

win7-20220901-en

discovery persistence upx

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral2

Sample

158b18765b1eccd89be3ea272c9e71e7928ab6264cca57138b84e5e2ea985e70.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

2 signatures

150 seconds

General

Target

158b18765b1eccd89be3ea272c9e71e7928ab6264cca57138b84e5e2ea985e70
Size

768KB
MD5

0c590429ce0de7cb3bcc77ea3c4cdbea
SHA1

a681a32c4c83713e18dbef180380f0a258017ad2
SHA256

158b18765b1eccd89be3ea272c9e71e7928ab6264cca57138b84e5e2ea985e70
SHA512

834773cf53c77a4f27dc1b42ca873d18383d3a414887d9564e855f699aad41dff497fe8386ac536492b9bb0b27c113bdde0468be92e5f25f26769d32a0575ac5
SSDEEP

12288:wsk8v8BAbJnFvEpkuvqlHbAfaIrX6nIeloQmXH9WYb12E7I18TudNy:w1iHbfsoiulPmx12E7G86

Score

N/A

Malware Config

Signatures

Files

158b18765b1eccd89be3ea272c9e71e7928ab6264cca57138b84e5e2ea985e70
.exe windows x86

b4d0ec4f2340f75c015edf7008d00632

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteFile
RemoveDirectoryW
CloseHandle
GetModuleHandleA
GetCommandLineW
RemoveDirectoryW
GetVersion
GetFileSize
OpenEventW
CreateMutexA
ResetEvent
CloseHandle
SetStdHandle
HeapSize
CreateDirectoryW
DeleteFileA
VirtualProtectEx
lstrlenA
ReleaseSemaphore
WriteConsoleW
Sleep
GetDriveTypeA
ReleaseMutex
CreateFileA
CreateFileMappingW

user32

FindWindowA
CreateIcon
DispatchMessageA
DrawTextW
DestroyMenu
IsZoomed
MessageBoxA
PeekMessageA
GetSysColor
DestroyMenu
GetClassInfoA
IsWindow
GetWindowLongA

eventcls

DllGetClassObject
DllGetClassObject
DllGetClassObject
DllGetClassObject

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 760KB - Virtual size: 760KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy