72c737cb88a812d4b96511ff83f265b492d5e4167b16558c036ed1377adf83d8 | Triage

Submit
Reports

Overview

overview

8

Static

static

72c737cb88...d8.exe

windows7-x64

8

72c737cb88...d8.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

72c737cb88a812d4b96511ff83f265b492d5e4167b16558c036ed1377adf83d8.exe

Resource

win7-20220901-en

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

72c737cb88a812d4b96511ff83f265b492d5e4167b16558c036ed1377adf83d8.exe

Resource

win10v2004-20220901-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

72c737cb88a812d4b96511ff83f265b492d5e4167b16558c036ed1377adf83d8
Size

305KB
MD5

a355b8ce7e2d5d706a40c36867d5d450
SHA1

078b5db1332103452084b2b972ff41f3510b3ab6
SHA256

72c737cb88a812d4b96511ff83f265b492d5e4167b16558c036ed1377adf83d8
SHA512

f70826efb62a2421fdb4deb8155948044fae4e72eabcc8a500ca4bbad8f57850f976cf61ebb3a5bd345d84b94fcc87d3a4a601172e0bb773f0369551e3531089
SSDEEP

6144:cqQ8/32vJRmHj9XCkjXam9GAfqjI7gyUSPzUKqaVQoGdzOc:l/326ZXnv1VzUKqaVQVdKc

Score

N/A

Malware Config

Signatures

Files

72c737cb88a812d4b96511ff83f265b492d5e4167b16558c036ed1377adf83d8
.exe windows x86

e07f32120b6d78db0822cda78e602685

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

SuspendThread
GetModuleHandleA
GetFileAttributesA
FindClose
SetPriorityClass
GetCurrentProcess
GetStringTypeA
CreateDirectoryW
MapViewOfFile
FindResourceW
HeapFree
VirtualProtectEx
GetExitCodeThread
IsValidCodePage
TlsGetValue
RemoveDirectoryW
GetTickCount
SetLastError
GetLocaleInfoW
GetFileAttributesA
LocalLock

advapi32

CreateServiceW
IsValidAcl
RegEnumKeyA
ControlService
InitializeSid
RegQueryValueW
IsValidSecurityDescriptor
RegDeleteValueA
IsValidSid
IsTextUnicode
RegCreateKeyExW
ClearEventLogW
CreateProcessAsUserA

msctf

DllUnregisterServer
DllCanUnloadNow
TF_InitSystem
DllUnregisterServer

rasapi32

DwRasUninitialize

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 295KB - Virtual size: 295KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.import
Size: 512B - Virtual size: 484B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy