b0f138ba56630ec94e9d7742c7c507e1f75c95bfe2ef523f8cd235de5382efbd | Triage

Submit
Reports

Overview

overview

5

Static

static

b0f138ba56...bd.exe

windows7-x64

5

b0f138ba56...bd.exe

windows10-2004-x64

5

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

b0f138ba56630ec94e9d7742c7c507e1f75c95bfe2ef523f8cd235de5382efbd.exe

Resource

win7-20220812-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral2

Sample

b0f138ba56630ec94e9d7742c7c507e1f75c95bfe2ef523f8cd235de5382efbd.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

4 signatures

150 seconds

General

Target

b0f138ba56630ec94e9d7742c7c507e1f75c95bfe2ef523f8cd235de5382efbd
Size

147KB
MD5

21967ef03523b711466a81b63b60cdf1
SHA1

a3a90d2e6dc2ca91411e5baca48b37997a9dbaae
SHA256

b0f138ba56630ec94e9d7742c7c507e1f75c95bfe2ef523f8cd235de5382efbd
SHA512

0b4df0089c896714e4c7b5994344e95bc765b6ea20d8e402ed754463a03f3d37605065a9aa5543459c06e4ec13a5bc07e40b48b5e77e12fe51a8bc7c25d8a604
SSDEEP

3072:DMY6VLBvoccGN+6M/XNP9AnEeERNlJQ2HVQv0aGgQDL9:DMBVlvSNVQQzHVkGVF

Score

N/A

Malware Config

Signatures

Files

b0f138ba56630ec94e9d7742c7c507e1f75c95bfe2ef523f8cd235de5382efbd
.exe windows x86

0d12dc1bcecfeaf0941bf616830f0769

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

memset
_wcsnicmp
wcsncmp
wcsncpy
_wcsdup
free
wcscmp
memmove
memcpy
wcslen

kernel32

GetModuleHandleW
HeapCreate
HeapDestroy
ExitProcess
GetTickCount
Sleep
SuspendThread
CloseHandle
InitializeCriticalSection
GetModuleFileNameW
GetCommandLineW
HeapFree
HeapAlloc
HeapSize
FreeLibrary
LoadLibraryW
WideCharToMultiByte
GetProcAddress
WriteFile
CreateFileW
GetFileSize
ReadFile
HeapReAlloc

ntdll

NtUnmapViewOfSection

Sections

.code
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 14B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 130KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy