a156fb68dad395aab006410c6b6a46dabc31294c3ad1a60f883f6c347c571d3a | Triage

Submit
Reports

Overview

overview

1

Static

static

a156fb68da...3a.exe

windows7-x64

1

a156fb68da...3a.exe

windows10-2004-x64

1

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

a156fb68dad395aab006410c6b6a46dabc31294c3ad1a60f883f6c347c571d3a.exe

Resource

win7-20220812-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

a156fb68dad395aab006410c6b6a46dabc31294c3ad1a60f883f6c347c571d3a.exe

Resource

win10v2004-20220901-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

a156fb68dad395aab006410c6b6a46dabc31294c3ad1a60f883f6c347c571d3a
Size

305KB
MD5

81cffb5c1ad470aa47bb9a4c8c693a10
SHA1

f4f89571e8ef18a131694a525ac54d7d4975baf9
SHA256

a156fb68dad395aab006410c6b6a46dabc31294c3ad1a60f883f6c347c571d3a
SHA512

c8f43da72b660cfac8afad8c4cf2f0764b35b17f2dcdf2274350126ce78569905f9824260b5dbb8047b9fe2d4809c89a616ed5329c94c821665d574d9b726434
SSDEEP

6144:UDo7+iPeI5jZjlIhBkLcaug1nvj60+U5SwC0h40jD3tGDIrUACSnQ:UDviPTjZjcKICv+0Bb/3cUUACSQ

Score

N/A

Malware Config

Signatures

Files

a156fb68dad395aab006410c6b6a46dabc31294c3ad1a60f883f6c347c571d3a
.exe windows x86

b68f32937abdbcca26bcacfed30c4e38

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetFileAttributesW
CreateFileW
AddAtomW
CreateMutexW
CreateFileW
GetStdHandle
GetCurrentThreadId
ResumeThread
LeaveCriticalSection
LocalFlags
IsValidLocale
CreateDirectoryA
SetEvent
InterlockedExchange
GetTickCount
lstrlenA
GetVersionExA
VirtualProtect
OpenEventW
HeapDestroy
GetLocaleInfoA
SetFilePointer
GetModuleHandleA
GetModuleFileNameA
SuspendThread

user32

GetWindowLongA
SetRect
GetWindowTextA
IsMenu
IsMenu
DestroyMenu
wsprintfA
MessageBoxA
DispatchMessageA
DestroyIcon
PeekMessageA
LoadCursorA
GetWindowLongA

dplayx

DllUnregisterServer
DllRegisterServer
DllGetClassObject
DllCanUnloadNow

advapi32

IsValidAcl

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 10B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 298KB - Virtual size: 298KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy