b49a58e35cce4df5af5312efbaf52b9f20c0ab7053ceab953bd019dc1b048ea6 | Triage

Submit
Reports

Overview

overview

8

Static

static

b49a58e35c...a6.exe

windows7-x64

8

b49a58e35c...a6.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

b49a58e35cce4df5af5312efbaf52b9f20c0ab7053ceab953bd019dc1b048ea6.exe

Resource

win7-20220901-en

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

b49a58e35cce4df5af5312efbaf52b9f20c0ab7053ceab953bd019dc1b048ea6.exe

Resource

win10v2004-20220901-en

windows10-2004-x64

4 signatures

150 seconds

General

Target

b49a58e35cce4df5af5312efbaf52b9f20c0ab7053ceab953bd019dc1b048ea6
Size

10KB
MD5

04e4461068ac6173f36f4c995cbb61a0
SHA1

d46e01eb75721bd01eef00afd64aa505b72e367f
SHA256

b49a58e35cce4df5af5312efbaf52b9f20c0ab7053ceab953bd019dc1b048ea6
SHA512

9fc50f4fe81a73de53c9bd58169209888edad055995331ae1dde23337a83a7d4986757e225cf45eb62d25925c34080d307c9fe418bdbd9b4f2bcac0756c41ff7
SSDEEP

192:SmPCQUyYshdWF2QbJznHpDRedOmstk+u:xUyYshwxHLLkH

Score

N/A

Malware Config

Signatures

Files

b49a58e35cce4df5af5312efbaf52b9f20c0ab7053ceab953bd019dc1b048ea6
.exe windows x86

b08cabd1969e044d155ca067fcd2d238

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrlenA
GetDiskFreeSpaceExA
CreateFileA
GetDriveTypeA
GetLogicalDriveStringsA
GetLogicalDrives
FindClose
GetLastError
FindNextFileA
FindFirstFileA
SetCurrentDirectoryA
CreateToolhelp32Snapshot
OpenProcess
GetVolumeInformationA
SetFileAttributesA
GetModuleFileNameA
GetSystemDirectoryA
GlobalLock
GlobalAlloc
GlobalFree
GlobalUnlock
ReadFile
WriteFile
Process32First
CloseHandle
Sleep
TerminateProcess
Process32Next

advapi32

RegSetValueExA
RegCloseKey
RegCreateKeyExA
RegOpenKeyA

shell32

ShellExecuteA

msvcrt

strncat
_filelength
fclose
fopen
??2@YAPAXI@Z
??3@YAXPAX@Z
fwrite
fread
sprintf
_fileno
strncpy
fprintf
remove
_mkdir
ftell
fseek

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 697B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy