123123c19dc81b208d8850b0c3b801be43f171e12f5898d1a3059a9e200d9d12 | Triage

Submit
Reports

Overview

overview

8

Static

static

123123c19d...12.exe

windows7-x64

8

123123c19d...12.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

123123c19dc81b208d8850b0c3b801be43f171e12f5898d1a3059a9e200d9d12.exe

Resource

win7-20220812-en

discovery evasion persistence

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

123123c19dc81b208d8850b0c3b801be43f171e12f5898d1a3059a9e200d9d12.exe

Resource

win10v2004-20220901-en

discovery evasion persistence

windows10-2004-x64

10 signatures

150 seconds

General

Target

123123c19dc81b208d8850b0c3b801be43f171e12f5898d1a3059a9e200d9d12
Size

268KB
MD5

9363abc1836b25d00c5452f523855e7d
SHA1

5da72ae280d8faecbf8a3ca846c7d58a4775891d
SHA256

123123c19dc81b208d8850b0c3b801be43f171e12f5898d1a3059a9e200d9d12
SHA512

2c4e7d593a72a8ee76a6372a2d74b669c8677a84f0510f4b848a78c5815444e7746f04922d46b99ae2ea97914072b1967f3ed8ee4033d21f63c7d33f5c8b1359
SSDEEP

3072:emzRweJHAjdNNqqMS/UJNsoLG46vQw8eQGrKigRkpRrFm0U/BIX1fh0IT3KHamzh:e8HukSc7soAweRGigRopmZ6nxnCrz

Score

N/A

Malware Config

Signatures

Files

123123c19dc81b208d8850b0c3b801be43f171e12f5898d1a3059a9e200d9d12
.exe windows x86

2a3bbf05820e7d0a50e5179764a4bf80

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
FormatMessageA
WaitForSingleObject
GetAtomNameA
GetPrivateProfileIntA
GetDateFormatW
GetFullPathNameW
GetConsoleAliasW
GetLogicalDriveStringsW
VirtualProtectEx
LoadLibraryW
MapViewOfFile

user32

CharToOemA
IsMenu
LoadBitmapA
FlashWindow
IsZoomed
GetPropW
PostMessageW
GetDlgItemTextW
InsertMenuA
wsprintfA
CreateDesktopW
DrawStateA
DispatchMessageW
PeekMessageW

shimeng

SE_InstallBeforeInit
SE_ProcessDying
SE_DllLoaded

clbcatq

SetSetupOpen
CoRegCleanup
DowngradeAPL
SetSetupSave
ComPlusMigrate

Sections

.text
Size: 208KB - Virtual size: 207KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 40KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy