c045609c263c00afa6da696673e8a098bf1649eead3dd882a70f3ab7abbd01d4 | Triage

Submit
Reports

Overview

overview

1

Static

static

c045609c26...d4.exe

windows7-x64

1

c045609c26...d4.exe

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

c045609c263c00afa6da696673e8a098bf1649eead3dd882a70f3ab7abbd01d4.exe

Resource

win7-20220812-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

c045609c263c00afa6da696673e8a098bf1649eead3dd882a70f3ab7abbd01d4.exe

Resource

win10v2004-20221111-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

c045609c263c00afa6da696673e8a098bf1649eead3dd882a70f3ab7abbd01d4
Size

220KB
MD5

1ea687ae7dc1c8276322edfbeabe2280
SHA1

8f42bfd35dac6ec7a7dd92b637147588d3b3dac3
SHA256

c045609c263c00afa6da696673e8a098bf1649eead3dd882a70f3ab7abbd01d4
SHA512

7331a390bc637d3c7b9c2581d87b9790cfb555368b253f56d9fdbb90220bc50ff8310ddee823567927a6af417d387c3ffdb78c495ef1d2b5f2afbb0eba265066
SSDEEP

6144:eBa4VE7DZ+tun3MHLt3KBOeitEdVH+gyV:eO7DMtuWaBOeiiVH+gyV

Score

N/A

Malware Config

Signatures

Files

c045609c263c00afa6da696673e8a098bf1649eead3dd882a70f3ab7abbd01d4
.exe windows x86

4a7ac0169550e8afa6c9aa3f434116f1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

OleSetContainedObject
OleInitialize
CoCreateInstance
CoUninitialize
CoInitialize
OleUninitialize

sisbkup

SisCreateRestoreStructure
SisRestoredLink
SisRestoredCommonStoreFile
SisFreeAllocatedMemory
SisCSFilesToBackupForLink
SisFreeRestoreStructure

msvcrt

_ftol
_exit
_ltoa
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
__dllonexit
_onexit
_XcptFilter

kernel32

LocalFree
LoadLibraryA
GetLastError
RaiseException
InterlockedExchange
LocalAlloc
FreeLibrary
GetProcAddress
SetTapeParameters
GetStartupInfoA
GetModuleHandleA
GetSystemInfo
VirtualProtect

Exports

Exports

MustSit
RecordBoy
TravelCenter
fallquick

Sections

.text
Size: 104KB - Virtual size: 101KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 64KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 44KB - Virtual size: 187KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy