d4b846ed29ab7514699b0f15cd98003e8dbca14e638a22aa46be44e264e7f8ee | Triage

Submit
Reports

Overview

overview

8

Static

static

d4b846ed29...ee.exe

windows7-x64

8

d4b846ed29...ee.exe

windows10-2004-x64

8

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

d4b846ed29ab7514699b0f15cd98003e8dbca14e638a22aa46be44e264e7f8ee.exe

Resource

win7-20220812-en

discovery persistence upx

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral2

Sample

d4b846ed29ab7514699b0f15cd98003e8dbca14e638a22aa46be44e264e7f8ee.exe

Resource

win10v2004-20220901-en

windows10-2004-x64

2 signatures

150 seconds

General

Target

d4b846ed29ab7514699b0f15cd98003e8dbca14e638a22aa46be44e264e7f8ee
Size

747KB
MD5

09ed7203f35bdb3cc59ea50c5f57f05a
SHA1

d5b1122cff1af6cb8a1d0548f3e5e62c498aee3e
SHA256

d4b846ed29ab7514699b0f15cd98003e8dbca14e638a22aa46be44e264e7f8ee
SHA512

a1e987c9636499de54a377cdae8d55b4630bc7da32a7e7046572bd93dfa256d57a5f4e49c89aaf6654bfe9279a915598bb0ef18311a7c9107588fd7515724ec3
SSDEEP

12288:w+E/On/GmPaHyBHuwGi3u1ZQIo4MKn9iKyUglEVQsL892sGTm671ZLgeVdm:j/PPaSBxU1aIMo9iKyUgqVQs06TLZLXq

Score

N/A

Malware Config

Signatures

Files

d4b846ed29ab7514699b0f15cd98003e8dbca14e638a22aa46be44e264e7f8ee
.exe windows x86

f801b75337121ea945e0f7d6f1c55cd9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetDriveTypeA
GetTickCount
WaitForMultipleObjects
FindVolumeClose
CloseHandle
CreateDirectoryA
GetCurrentDirectoryW
GetCommandLineA
GetModuleHandleA
CreateSemaphoreA
FindClose
FindVolumeClose
HeapFree
ExitThread
lstrlenA
CancelIo
VirtualQuery
GetFileTime
GetFileType
GetModuleFileNameA
WriteFile
LocalSize
IsBadReadPtr
HeapCreate
GetFileAttributesA

uxtheme

IsThemeActive
GetThemeEnumValue
DrawThemeEdge
SetWindowTheme
OpenThemeData
CloseThemeData
CloseThemeData
GetThemeBool
GetThemeColor
GetWindowTheme
DrawThemeBackground
GetThemeTextMetrics
GetThemeTextExtent

fltlib

FilterClose
FilterClose
FilterClose
FilterClose

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 740KB - Virtual size: 739KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy