301419811ac9bfb99c27364468fec30425cc439ec989af7b8a3a00e90b0b83da | Triage

Submit
Reports

Overview

overview

8

Static

static

301419811a...da.exe

windows7-x64

8

301419811a...da.exe

windows10-2004-x64

3

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

301419811ac9bfb99c27364468fec30425cc439ec989af7b8a3a00e90b0b83da.exe

Resource

win7-20220812-en

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

301419811ac9bfb99c27364468fec30425cc439ec989af7b8a3a00e90b0b83da.exe

Resource

win10v2004-20221111-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

301419811ac9bfb99c27364468fec30425cc439ec989af7b8a3a00e90b0b83da
Size

156KB
MD5

823c37dcbc53967e1649e7e47167a965
SHA1

89449923971dcf1970adbb1719d3b1ceb428c2a8
SHA256

301419811ac9bfb99c27364468fec30425cc439ec989af7b8a3a00e90b0b83da
SHA512

dbf156e3f2a6b2115a99538ceeb5781f54d85b5b1d4243e06e3fef645ea3577aeb778b45d2c359973744a3713285f15f364e11edcaaf0e3d2644cccecc52f7d6
SSDEEP

3072:PMngP1zP4IKrGpnqIE2Vc4cffB8Pzn0sZTz5btNE:kEwGpLcvnMDJTzJE

Score

N/A

Malware Config

Signatures

Files

301419811ac9bfb99c27364468fec30425cc439ec989af7b8a3a00e90b0b83da
.exe windows x86

e84a314207b06b747a4700b16cc61b4d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoCreateGuid
StringFromCLSID
CoTaskMemAlloc
CLSIDFromString
OleUninitialize
OleInitialize
CreateStreamOnHGlobal
CoCreateInstance
CoInitializeSecurity
CoSetProxyBlanket
CoInitializeEx
CoUninitialize
CoTaskMemFree
CoGetClassObject

rpcrt4

RpcStringBindingComposeW
RpcStringFreeW
RpcSmDestroyClientContext
RpcBindingFromStringBindingW

shell32

SHGetFolderPathW
DragQueryFileW
DragFinish
CommandLineToArgvW
SHFileOperationW

user32

wvsprintfA

kernel32

GetCurrentDirectoryW
GetSystemTimeAsFileTime
GetProcessHeap
CreateConsoleScreenBuffer
GetModuleHandleW
CreateProcessA
GetTempFileNameA
HeapFree
HeapAlloc
LoadLibraryW
InterlockedExchange
Sleep
InterlockedCompareExchange
GetStartupInfoA
TerminateProcess
GetCurrentProcess

oleaut32

LHashValOfNameSys
GetRecordInfoFromTypeInfo
VarUI4FromDec
SysFreeString

Sections

.text
Size: 82KB - Virtual size: 117KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 71KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 284B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy