7eaabd39bf3edb0c11360480146774c585e4931a39ca7bf4df986ca4f7644881 | Triage

Submit
Reports

Overview

overview

8

Static

static

7eaabd39bf...81.exe

windows7-x64

8

7eaabd39bf...81.exe

windows10-2004-x64

8

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

7eaabd39bf3edb0c11360480146774c585e4931a39ca7bf4df986ca4f7644881.exe

Resource

win7-20220901-en

persistence upx

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

7eaabd39bf3edb0c11360480146774c585e4931a39ca7bf4df986ca4f7644881.exe

Resource

win10v2004-20220812-en

persistence upx

windows10-2004-x64

7 signatures

150 seconds

General

Target

7eaabd39bf3edb0c11360480146774c585e4931a39ca7bf4df986ca4f7644881
Size

243KB
MD5

b276885e93fc03d0461f2b4e9c82cebb
SHA1

9d5de0b3bd266bcf8067b97142ff0624a3d0f9dd
SHA256

7eaabd39bf3edb0c11360480146774c585e4931a39ca7bf4df986ca4f7644881
SHA512

1ddd787393ef6ae7ae07274a6ed58cfc35fdc4f695b106f05e12a7f7282bd0a4a812f601bb43888354d214c3196ce9677f9a0c59a6d2222f2abf488a89d8db97
SSDEEP

6144:AQ54Cf/5pp5FZZcjKXniuU/iO8kfEGaBjPNGoWyy:AQ5BfJ93dUmkmjP1Wy

Score

N/A

Malware Config

Signatures

Files

7eaabd39bf3edb0c11360480146774c585e4931a39ca7bf4df986ca4f7644881
.exe windows x86

5af5b03990a0d79eccf47f8959b09f5a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EnterCriticalSection
CreateMutexA
LocalHandle
WaitForMultipleObjects
LocalUnlock
ReleaseMutex
GetStringTypeA
VirtualQueryEx
ReleaseSemaphore
LocalFlags
MultiByteToWideChar
LocalLock
GlobalAlloc
GetProcAddress
SuspendThread
CloseHandle
OpenEventA
OpenMutexA
GetExitCodeThread
PulseEvent
ResetEvent
SetEvent
ResumeThread
VirtualAllocEx
GetModuleHandleA
GetStartupInfoA

netapi32

NetAuditWrite
NetGroupAddUser
NetGetDCName
NetGroupAdd
NetAuditClear
Netbios
NetGetAnyDCName
NetGetJoinableOUs
NetConfigGetAll
NetConfigGet

msvcrt

__getmainargs
_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
_exit
_XcptFilter
exit
_acmdln
__setusermatherr
_initterm

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 203KB - Virtual size: 202KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 363KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy