ab73888d1440fed995032ff475e05bf5814fb9855a104630161a5f915d1d6b12 | Triage

Submit
Reports

Overview

overview

Static

static

ab73888d14...12.exe

windows7-x64

ab73888d14...12.exe

windows10-2004-x64

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

ab73888d1440fed995032ff475e05bf5814fb9855a104630161a5f915d1d6b12.exe

Resource

win7-20220812-en

evasion persistence

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

ab73888d1440fed995032ff475e05bf5814fb9855a104630161a5f915d1d6b12.exe

Resource

win10v2004-20220812-en

evasion persistence

windows10-2004-x64

7 signatures

150 seconds

General

Target

ab73888d1440fed995032ff475e05bf5814fb9855a104630161a5f915d1d6b12
Size

152KB
MD5

05009ccadc0dba9c9561b4e0a9270211
SHA1

d445bc150a478f0fbd70c1f98e6bd4f7dc27dd1a
SHA256

ab73888d1440fed995032ff475e05bf5814fb9855a104630161a5f915d1d6b12
SHA512

d57e500790a26562eb02f06258427267bb06d4f73b7ea0905b0a681e1a2d9489083643f836b454c72aa0b0bf00476be1e24665e2cf902d97d5e6462d5f52287f
SSDEEP

3072:4C3ihpU0EXqyWOSr2ROWKdSJDLVAXhRRHy:QDEXW/2ROdMHVAxRRHy

Score

N/A

Malware Config

Signatures

Files

ab73888d1440fed995032ff475e05bf5814fb9855a104630161a5f915d1d6b12
.exe windows x86

6039c26165040db47e28057ca34786ef

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

srand
memcmp
strcat
isdigit
isspace
memcpy
rename
memset
_EH_prolog
__CxxFrameHandler
strcmp
strncpy
strstr
strcpy
rand
abs
strlen

user32

MessageBoxA
wvsprintfA

kernel32

GetModuleHandleA
HeapReAlloc
HeapFree
GetProcessHeap
HeapAlloc
LoadLibraryA
GetProcAddress
GetTickCount
GetStartupInfoA
GetCommandLineA
ExitProcess

Sections

.text
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy