63294aab3f0645fdc488074e43819182d8b621c3c4bfd24f999d2aa5e30c3cc1 | Triage

Submit
Reports

Overview

overview

8

Static

static

63294aab3f...c1.exe

windows7-x64

8

63294aab3f...c1.exe

windows10-2004-x64

8

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

63294aab3f0645fdc488074e43819182d8b621c3c4bfd24f999d2aa5e30c3cc1.exe

Resource

win7-20220812-en

evasion persistence upx

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

63294aab3f0645fdc488074e43819182d8b621c3c4bfd24f999d2aa5e30c3cc1.exe

Resource

win10v2004-20221111-en

windows10-2004-x64

3 signatures

150 seconds

General

Target

63294aab3f0645fdc488074e43819182d8b621c3c4bfd24f999d2aa5e30c3cc1
Size

334KB
MD5

3f629c5b958845119f21931da1473c6c
SHA1

cdce405920e99699740d89599b9ec7f40e9c806f
SHA256

63294aab3f0645fdc488074e43819182d8b621c3c4bfd24f999d2aa5e30c3cc1
SHA512

85192ff9caa98eaf706537a6ece20b7da994423afdf59c12ce70fd5cfc4150bf4d8517851f274956c24ab660c732aa13da64e58d9acddcf954853855f722a528
SSDEEP

6144:92C4B23wyiZ9/G65p/lPeKzXoXsHqjJtrxCW4zfwAHeLQJk8UTEmrKo:sCEyiX/G65JZkXsHWtIpzd+LikrKo

Score

N/A

Malware Config

Signatures

Files

63294aab3f0645fdc488074e43819182d8b621c3c4bfd24f999d2aa5e30c3cc1
.exe windows x86

7c1912c0b0097c0975483459fd598514

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStringTypeA
IsValidLocale
OpenMutexA
CreateEventA
WaitForSingleObject
PulseEvent
GetSystemDefaultLangID
InitializeCriticalSection
GetCPInfo
VirtualLock
GetNumberFormatA
SetEvent
CreateSemaphoreA
GetProcAddress
OpenSemaphoreA
ResumeThread
SuspendThread
VirtualAllocEx
ResetEvent
ReleaseSemaphore
GetModuleHandleA
GetStartupInfoA

netapi32

NetGroupDelUser
NetGetJoinableOUs
NetErrorLogRead
NetGetJoinInformation
NetConfigGetAll
NetFileEnum
Netbios
NetAuditRead
NetAuditWrite
NetErrorLogWrite
NetGroupAddUser
NetAuditClear
NetGroupAdd
NetFileClose
NetConnectionEnum
NetGetAnyDCName

msvcrt

perror
_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_pctype
_isctype
__mb_cur_max
iswctype
_exit

Sections

.text
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 311KB - Virtual size: 414KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy