36e07284bd0bb8ef0fa268a2dc3bdbeae2efcd1f8ee7361971095aa47cc92868 | Triage

Submit
Reports

Overview

overview

8

Static

static

36e07284bd...68.exe

windows7-x64

8

36e07284bd...68.exe

windows10-2004-x64

3

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

36e07284bd0bb8ef0fa268a2dc3bdbeae2efcd1f8ee7361971095aa47cc92868.exe

Resource

win7-20221111-en

discovery persistence upx

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral2

Sample

36e07284bd0bb8ef0fa268a2dc3bdbeae2efcd1f8ee7361971095aa47cc92868.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

36e07284bd0bb8ef0fa268a2dc3bdbeae2efcd1f8ee7361971095aa47cc92868
Size

813KB
MD5

78938c3fcf2f2a7d0da3f49923be048a
SHA1

732b0d6239567985bee2a4931df3a91c8a46c644
SHA256

36e07284bd0bb8ef0fa268a2dc3bdbeae2efcd1f8ee7361971095aa47cc92868
SHA512

0b64098e290af914b8650bce55970fd1fded7617cff66cf6f98f8de8ce202407985da51735ae39c8222d5b4e1391587bdbb348004e9ef81fd7e40c5741a312f1
SSDEEP

24576:FA6ouRnknA1AI2OWR+pHrh1j33Dii9LeN97rwjR:PouRnkPtETii9M97rwj

Score

N/A

Malware Config

Signatures

Files

36e07284bd0bb8ef0fa268a2dc3bdbeae2efcd1f8ee7361971095aa47cc92868
.exe windows x86

e1f338f7bc74a279dbc88d33c7a78a99

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteConsoleA
FindVolumeClose
CreateSemaphoreA
GetEnvironmentVariableA
CloseHandle
GetCommandLineA
Sleep
EnumResourceTypesW
CloseHandle
SetLastError
SuspendThread
lstrlenW
HeapCreate
GetStartupInfoA
GetCommandLineA
FileTimeToSystemTime
DeleteFileA
GetModuleHandleA
HeapDestroy
OpenEventA

advapi32

IsValidSid
CreateServiceW
IsValidSid
ControlService
RegEnumKeyA
IsValidAcl
IsValidSid
IsValidSid
RegDeleteValueA
InitializeSid
IsValidSid
RegCreateKeyExW
CloseEventLog

ddrawex

DllRegisterServer
DllRegisterServer
DllRegisterServer
DllRegisterServer

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 806KB - Virtual size: 806KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy