36ab20b7946851241cf6c4433e80a63038d0d95799936ec3e3e70e7230392ec5 | Triage

Submit
Reports

Overview

overview

8

Static

static

36ab20b794...c5.exe

windows7-x64

8

36ab20b794...c5.exe

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

36ab20b7946851241cf6c4433e80a63038d0d95799936ec3e3e70e7230392ec5.exe

Resource

win7-20220812-en

discovery persistence upx

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral2

Sample

36ab20b7946851241cf6c4433e80a63038d0d95799936ec3e3e70e7230392ec5.exe

Resource

win10v2004-20220901-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

36ab20b7946851241cf6c4433e80a63038d0d95799936ec3e3e70e7230392ec5
Size

769KB
MD5

09ee88822b73820b3910d272f9dd74fc
SHA1

91235431b0d8fc20d5615fdf63d58fd45b60e800
SHA256

36ab20b7946851241cf6c4433e80a63038d0d95799936ec3e3e70e7230392ec5
SHA512

b3e15fbb043639e1fa712897a8f2e8392165036fe1e170e32c636166071da8158367b89f46496bc2f93ce430a5d316b336984a124bd1a2952711365de233d289
SSDEEP

12288:q8qpmJG6FnQRCYp+QyTCgRqqHi3ZIFCynfdJoDfn7:9qyG6FQRCYYdTTRBrfrobn

Score

N/A

Malware Config

Signatures

Files

36ab20b7946851241cf6c4433e80a63038d0d95799936ec3e3e70e7230392ec5
.exe windows x86

138bc46b1757a54a8a3282ee8a29c556

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVersion
CreateDirectoryW
GetCommandLineW
ReleaseMutex
GetFileSize
ReleaseSemaphore
GetStartupInfoA
GetStdHandle
FatalExit
ReleaseSemaphore
lstrlenW
HeapDestroy
CreateMutexA
SetLastError
CreateFileA
LoadLibraryA
HeapSize
RemoveDirectoryW
CreateFileMappingW
SetLastError
MapViewOfFile
DeleteFileA
RemoveDirectoryW
OpenEventW
VirtualProtect

cryptui

WizardFree
DllUnregisterServer
CryptUIDlgViewContext
CryptUIStartCertMgr
CryptUIWizDigitalSign
DllRegisterServer
CryptUIWizImport
CryptUIWizExport
LocalEnrollNoDS
LocalEnroll
CryptUIDlgFreeCAContext
WizardFree
CryptUIWizBuildCTL

iernonce

RunOnceExProcess
InitCallback
InitCallback
RunOnceExProcess

Sections

.text
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 761KB - Virtual size: 760KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy