626c5e1644b1eb918ef62cc40e69ce4908c5479e63ff8f4110ac179210b4fb9b | Triage

Submit
Reports

Overview

overview

8

Static

static

626c5e1644...9b.exe

windows7-x64

8

626c5e1644...9b.exe

windows10-2004-x64

1

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

626c5e1644b1eb918ef62cc40e69ce4908c5479e63ff8f4110ac179210b4fb9b.exe

Resource

win7-20220812-en

discovery persistence upx

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral2

Sample

626c5e1644b1eb918ef62cc40e69ce4908c5479e63ff8f4110ac179210b4fb9b.exe

Resource

win10v2004-20220901-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

626c5e1644b1eb918ef62cc40e69ce4908c5479e63ff8f4110ac179210b4fb9b
Size

768KB
MD5

04ef0c67c1da1bb32af5e9d4e92e8138
SHA1

600d78a4c68a127c5c6292579bc57fdc2a27fffa
SHA256

626c5e1644b1eb918ef62cc40e69ce4908c5479e63ff8f4110ac179210b4fb9b
SHA512

5cd1a0c3524b21bd56868967271f4ceb5af3d7c4a10bd7548e1867be7c2f27c284a180434083f3688805226d78d63045181970cfdfeb396ce712f92d29fe08ee
SSDEEP

24576:evguZkk2Yc1u+FSMP+hEmAIV4gp+BL3/:sKlElM2ygkd3/

Score

N/A

Malware Config

Signatures

Files

626c5e1644b1eb918ef62cc40e69ce4908c5479e63ff8f4110ac179210b4fb9b
.exe windows x86

e6c1463863bd3462e2cf5a1fe111b5e8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVersion
GetFileSize
CreateDirectoryW
RemoveDirectoryW
CreateMutexA
CreateFileA
FatalExit
DeleteFileA
LoadLibraryA
MapViewOfFile
GetCommandLineW
RemoveDirectoryW
HeapSize
SetLastError
ReleaseSemaphore
GetStdHandle
OpenEventW
ReleaseSemaphore
HeapDestroy
VirtualProtect
CreateFileMappingW
GetStartupInfoA
ReleaseMutex
SetLastError
lstrlenA

cryptui

LocalEnroll
DllUnregisterServer
CryptUIStartCertMgr
WizardFree
CryptUIWizDigitalSign
CryptUIDlgViewContext
CryptUIWizExport
CryptUIWizBuildCTL
WizardFree
LocalEnrollNoDS
CryptUIWizImport
CryptUIDlgFreeCAContext
DllRegisterServer

iernonce

RunOnceExProcess
InitCallback
InitCallback
RunOnceExProcess

Sections

.text
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 760KB - Virtual size: 760KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy