f2391602b1e2d8265896ad4ae4e19b0b78204936556163cd9e94d0732e19414d | Triage

Submit
Reports

Overview

overview

8

Static

static

f2391602b1...4d.exe

windows7-x64

8

f2391602b1...4d.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

f2391602b1e2d8265896ad4ae4e19b0b78204936556163cd9e94d0732e19414d.exe

Resource

win7-20220812-en

evasion persistence upx

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

f2391602b1e2d8265896ad4ae4e19b0b78204936556163cd9e94d0732e19414d.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

3 signatures

150 seconds

General

Target

f2391602b1e2d8265896ad4ae4e19b0b78204936556163cd9e94d0732e19414d
Size

333KB
MD5

586c4711d50c8100bd623677f4c56071
SHA1

2ca0512a39f7734cff7f156ca55fe0f5e7bbda2b
SHA256

f2391602b1e2d8265896ad4ae4e19b0b78204936556163cd9e94d0732e19414d
SHA512

90e24d9a5daac53670aac43028764a8b9e4d362ae7fe9ccd468373c0d96ff6c4afbb7d32e1e4bca2ddc61bc7e8e3c3c2d6f599b1a2ac080a6ca52e939d2822b7
SSDEEP

6144:9DF5zZkhPBynU7sk7wzeOiec0t0YTZeDpyCSmbLj5pJM+xZV5:9DnZkhJ7skuiZ4C7L1BxZV5

Score

N/A

Malware Config

Signatures

Files

f2391602b1e2d8265896ad4ae4e19b0b78204936556163cd9e94d0732e19414d
.exe windows x86

a1cd38dbe7a248c4133df631ea670450

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoRevokeClassObject
StgOpenStorage

advapi32

RegLoadKeyA
RegFlushKey
RegQueryValueA
RegDeleteKeyA
RegQueryMultipleValuesA
RegEnumKeyExA

kernel32

GetModuleHandleA
LCMapStringA
GetProfileIntA
GetProcAddress
FreeEnvironmentStringsA
GetEnvironmentVariableA
TlsSetValue
SuspendThread
QueryPerformanceCounter
TlsGetValue
GetModuleFileNameA
PulseEvent
GetEnvironmentStrings
ReleaseMutex
ReleaseSemaphore
LocalReAlloc
SetEvent
GetLastError
VirtualAlloc
ResetEvent
GetStartupInfoA

winspool.drv

AddFormA
AddPrinterConnectionA
ConfigurePortA
ConnectToPrinterDlg
AbortPrinter
DeleteFormA
AddPrinterA
ClosePrinter

msvcrt

__getmainargs
_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_exit
_XcptFilter
exit
_acmdln
_initterm

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 314KB - Virtual size: 313KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 93KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy