9dfcb22395ca20d13b13511bbc42f1813667cc7727e842dedea389b7385646d0 | Triage

Submit
Reports

Overview

overview

1

Static

static

9dfcb22395...d0.exe

windows7-x64

1

9dfcb22395...d0.exe

windows10-2004-x64

1

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

9dfcb22395ca20d13b13511bbc42f1813667cc7727e842dedea389b7385646d0.exe

Resource

win7-20220812-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral2

Sample

9dfcb22395ca20d13b13511bbc42f1813667cc7727e842dedea389b7385646d0.exe

Resource

win10v2004-20221111-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

9dfcb22395ca20d13b13511bbc42f1813667cc7727e842dedea389b7385646d0
Size

334KB
MD5

52e0b72f856434f958023680a8f191b0
SHA1

f5591c146584383f47f99025e3d1b0b5781e4299
SHA256

9dfcb22395ca20d13b13511bbc42f1813667cc7727e842dedea389b7385646d0
SHA512

01bd3b6c816a6e17929385d7a67d180a7ced77a7ec7b8d925159d0f97ee614c8c1ac5fe40c2d792842f7935eeefaf5e34556545805beb73fd7a138238001e53d
SSDEEP

6144:7i9fI/DaseFl5jnaWTRwWz4zEjzJOOdaJa+qwOfGl4VtYhhk:sfI/YDaWgofB7S8tWk

Score

N/A

Malware Config

Signatures

Files

9dfcb22395ca20d13b13511bbc42f1813667cc7727e842dedea389b7385646d0
.exe windows x86

342eb89a5eb4df22614f889933ea36b4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
CloseHandle
SetLastError
lstrcmpA
CreateFileA
WideCharToMultiByte
GetCurrentProcess
GetCurrentProcessId
HeapFree
GetSystemDefaultLangID
GetLocalTime
HeapAlloc
IsValidLocale
GetTickCount
SetUnhandledExceptionFilter
GetSystemInfo
lstrcpyW
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetUserDefaultLCID
MultiByteToWideChar
SystemTimeToFileTime
GetProcessHeap

w32topl

ToplScheduleCreate
ToplSTHeapDestroy
ToplScheduleCacheCreate
ToplSTHeapInit
ToplSTHeapExtractMin
ToplScheduleCacheDestroy
ToplScheduleExportReadonly

fontext

DllGetClassObject
DllCanUnloadNow

fontsub

MergeFontPackage
CreateFontPackage

fmifs

FormatEx
Format
DiskCopy
Chkdsk
EnableVolumeCompression
Extend

Sections

.rdata
Size: 176KB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

text
Size: 121KB - Virtual size: 121KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 34KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy