b682a2496c4980ce7350b52e6cf9b85e072fadab7a32c510df78881dc0ca88b6 | Triage

Submit
Reports

Overview

overview

5

Static

static

b682a2496c...b6.exe

windows7-x64

5

b682a2496c...b6.exe

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

b682a2496c4980ce7350b52e6cf9b85e072fadab7a32c510df78881dc0ca88b6.exe

Resource

win7-20220812-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral2

Sample

b682a2496c4980ce7350b52e6cf9b85e072fadab7a32c510df78881dc0ca88b6.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

b682a2496c4980ce7350b52e6cf9b85e072fadab7a32c510df78881dc0ca88b6
Size

84KB
MD5

849cf6c3851668f12e6f7aebbfb7a7f0
SHA1

e4c51d38b24b3465e9b02a5fea2bddc66a63377a
SHA256

b682a2496c4980ce7350b52e6cf9b85e072fadab7a32c510df78881dc0ca88b6
SHA512

01d6b5da43be2b00441f232c2acd43bcfd840d81b5261e4292fb02eaa8dc4f051d914a76d984ab1567c9440c3a1f73e2e8c20a8749c6ea5a91713e193afcfc38
SSDEEP

1536:NItsqA6KeT+5365VIOkMVa3M5N226v4gQXu/iOCnYbG+snC1kHsg:G1A6i6D3IMP2gFEiYSCTg

Score

N/A

Malware Config

Signatures

Files

b682a2496c4980ce7350b52e6cf9b85e072fadab7a32c510df78881dc0ca88b6
.exe windows x86

351b8bb1fb8c05a7b26367cda9041a20

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
GetStartupInfoW
GetDriveTypeA
GetFileTime
HeapDestroy
CreateDirectoryA
GetProcessHeap
VirtualProtect
DeleteFileW
CancelIo
GetModuleFileNameA
LocalFree
SetLocalTime
LeaveCriticalSection
GetCurrentThreadId
DeleteFileW
LocalLock
ReadConsoleW
GetConsoleAliasW
FindAtomA
CreateFileW
InterlockedExchange
CreateFileW
GetFileAttributesA
GetConsoleMode

user32

IsZoomed
GetSysColor
PeekMessageA
GetWindowLongA
IsWindowEnabled
DispatchMessageA
MessageBoxA
wsprintfA
GetKeyState
LoadCursorA
GetWindowTextA
GetWindowDC
GetWindowLongA

davclnt

NPCloseEnum
NPGetCaps
DllGetClassObject
DllCanUnloadNow

advapi32

IsValidSid

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 74KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy