198c0a7f3e950690f889626a57fbfb6d2161b14f4d3d796091a91a3d4a3dc72a | Triage

Submit
Reports

Overview

overview

8

Static

static

198c0a7f3e...2a.exe

windows7-x64

8

198c0a7f3e...2a.exe

windows10-2004-x64

3

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

198c0a7f3e950690f889626a57fbfb6d2161b14f4d3d796091a91a3d4a3dc72a.exe

Resource

win7-20221111-en

discovery persistence upx

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral2

Sample

198c0a7f3e950690f889626a57fbfb6d2161b14f4d3d796091a91a3d4a3dc72a.exe

Resource

win10v2004-20221111-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

198c0a7f3e950690f889626a57fbfb6d2161b14f4d3d796091a91a3d4a3dc72a
Size

767KB
MD5

9fd424eeb751a1f49ec852e38778e07a
SHA1

9b246aa9c285666e139046f3b665bc9cbeee9295
SHA256

198c0a7f3e950690f889626a57fbfb6d2161b14f4d3d796091a91a3d4a3dc72a
SHA512

bf5fc20b047623cf3192ac570056937e19a99ac9cb5e8680e3b4a5e4f0bea981510b2bd4a250a33cbc344b14e2314c4ff273d291c97e56562b61cb50e5c446af
SSDEEP

12288:bpQGwLzPPJL4b8g2hffTjs8opWazLFWeEO7zTPln7YRwqfJvg9cUlbWLX7tKzEOl:bmG6zPBNVLoH8y9n7YqqRv8TuXJeb

Score

N/A

Malware Config

Signatures

Files

198c0a7f3e950690f889626a57fbfb6d2161b14f4d3d796091a91a3d4a3dc72a
.exe windows x86

3611fc0830d84dd2b50b7b63b710a176

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileA
CreatePipe
GetStdHandle
CreateFileMappingW
CreateMutexA
HeapDestroy
GetFileSize
CloseHandle
RemoveDirectoryW
GetCommandLineW
WriteConsoleW
VirtualProtectEx
RemoveDirectoryW
ReleaseSemaphore
DeleteFileA
OpenEventW
GetVersion
HeapSize
CreateDirectoryW
LoadLibraryA
WriteFile
ReleaseMutex
Sleep
lstrlenA
CloseHandle

user32

CreateIcon
IsZoomed
DestroyMenu
DrawTextW
GetSysColor
PeekMessageA
GetClassInfoA
MessageBoxA
IsWindow
GetWindowLongA
FindWindowA
DispatchMessageA
DestroyMenu

eventcls

DllGetClassObject
DllGetClassObject
DllGetClassObject
DllGetClassObject

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 760KB - Virtual size: 760KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2024

Terms | Privacy