784e4e552eded191db2296fdea0ad8dbd7cac601fb708dd1f0a114d38c33db49 | Triage

Submit
Reports

Overview

overview

8

Static

static

784e4e552e...49.exe

windows7-x64

8

784e4e552e...49.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

784e4e552eded191db2296fdea0ad8dbd7cac601fb708dd1f0a114d38c33db49.exe

Resource

win7-20220812-en

discovery evasion persistence

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

784e4e552eded191db2296fdea0ad8dbd7cac601fb708dd1f0a114d38c33db49.exe

Resource

win10v2004-20220901-en

discovery evasion persistence

windows10-2004-x64

9 signatures

150 seconds

General

Target

784e4e552eded191db2296fdea0ad8dbd7cac601fb708dd1f0a114d38c33db49
Size

228KB
MD5

0aa68218bc6e7a71511ce68b92b5d659
SHA1

994074d1bc7cb0b463c3f8a21cc02cf7eb8e7a0e
SHA256

784e4e552eded191db2296fdea0ad8dbd7cac601fb708dd1f0a114d38c33db49
SHA512

afcb7ab2e8f376c447ae4ea64570ffd096cc59787c13a799fe3e6ca1232632c791d0ba81eef54c74bd22ca3bf7fa3816d1045273f1da98da3936f94b02b3012b
SSDEEP

6144:NBDe9+StEuxuH8WXdmQnBAJwVBfrcNXNP+LONc:N9lSWtV1nooLO

Score

N/A

Malware Config

Signatures

Files

784e4e552eded191db2296fdea0ad8dbd7cac601fb708dd1f0a114d38c33db49
.exe windows x86

ca3245bb66c4a241deac2bbda62d60a2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetMessageW
IsZoomed
DialogBoxParamA
GetPropW
IsDialogMessageW
GetClassLongA
LoadCursorW
InsertMenuA
wsprintfA
DrawStateA
IsMenu
GetDlgItemTextW
CreateDesktopW
LoadIconA
FlashWindow
CharToOemA
LoadBitmapA
LoadMenuW

shell32

DuplicateIcon
SHFree
FindExecutableA
DragAcceptFiles
SHGetMalloc
StrChrA
SHGetFileInfoA
SHGetDiskFreeSpaceA
DragQueryPoint
SHGetDataFromIDListA
SHBindToParent
ShellMessageBoxA

kernel32

VirtualProtectEx
GetFullPathNameW
GetLogicalDriveStringsW
WriteConsoleW
GetDriveTypeA
GetPrivateProfileIntA
GetProcessId
GetNumberFormatW
GetModuleHandleA
CreateNamedPipeA
IsBadStringPtrA
GetCurrentProcess
lstrcpynA
WaitForSingleObject
LoadLibraryW

authz

AuthzAddSidsToContext
AuthzFreeResourceManager
AuthzInitializeContextFromSid
AuthzFreeAuditEvent
AuthzFreeContext

Sections

.text
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 176KB - Virtual size: 174KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy