20a13a77f29e120ff80952cc378e582a6c07c2093f9bcefe226815a18430d168 | Triage

Submit
Reports

Overview

overview

1

Static

static

20a13a77f2...68.exe

windows7-x64

1

20a13a77f2...68.exe

windows10-2004-x64

1

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

20a13a77f29e120ff80952cc378e582a6c07c2093f9bcefe226815a18430d168.exe

Resource

win7-20220812-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

20a13a77f29e120ff80952cc378e582a6c07c2093f9bcefe226815a18430d168.exe

Resource

win10v2004-20220901-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

20a13a77f29e120ff80952cc378e582a6c07c2093f9bcefe226815a18430d168
Size

381KB
MD5

866f463d29f8a320030b447e8ff51788
SHA1

89a608e132d935caeb91c01e17c32d93c22778d2
SHA256

20a13a77f29e120ff80952cc378e582a6c07c2093f9bcefe226815a18430d168
SHA512

1fe865398abf2d40736b255b38f7c7e0075a96548a3e5daf2326c4b4d32d85918d2591184bf6236f5b3f2ab742560b2d5dab2de8ffbb41c067e65f4eeb3cc1d4
SSDEEP

6144:FVbRMreiWjhtgYXL7TO6dHyF6EDWVUlMVcZOV6fGhmLjAR73t3ygCkv:FVRMklbq6Vxh8MV9VOpO73tokv

Score

N/A

Malware Config

Signatures

Files

20a13a77f29e120ff80952cc378e582a6c07c2093f9bcefe226815a18430d168
.exe windows x86

5abdab194b97a96772595d6d6c5484fb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetEnvironmentVariableW
InterlockedExchange
ResumeThread
GetExitCodeProcess
CreateMutexA
LocalFree
GlobalSize
VirtualAlloc
GetACP
FindVolumeClose
GetModuleHandleW
GetPrivateProfileIntW
lstrlenA
CreateEventA
GetStdHandle
ResetEvent
CloseHandle
WriteFile
GetCommandLineA
GlobalFree

advapi32

RegCloseKey
ControlService
RegEnumKeyW
IsValidSid
CreateServiceA
RegDeleteKeyA
ClearEventLogA
IsValidAcl
CloseEventLog
RegDeleteValueA
IsTextUnicode
RegQueryValueW
RegCreateKeyExW

admparse

ResetAdmDirtyFlag
ResetAdmDirtyFlag
ResetAdmDirtyFlag
ResetAdmDirtyFlag
AdmClose

appwiz.cpl

ConfigStartMenu

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 416KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 372KB - Virtual size: 371KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy