2d6d316c72d9790a45676427638649f7b5666d432a955cd480b36d4ecf737289 | Triage

Submit
Reports

Overview

overview

1

Static

static

2d6d316c72...89.exe

windows7-x64

1

2d6d316c72...89.exe

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

2d6d316c72d9790a45676427638649f7b5666d432a955cd480b36d4ecf737289.exe

Resource

win7-20221111-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

2d6d316c72d9790a45676427638649f7b5666d432a955cd480b36d4ecf737289.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

2d6d316c72d9790a45676427638649f7b5666d432a955cd480b36d4ecf737289
Size

284KB
MD5

4e3440c11ea1fbf084e78a40d6179df7
SHA1

b8e7a50d4b0dddb16a35f2ba2edcd39aadbb0739
SHA256

2d6d316c72d9790a45676427638649f7b5666d432a955cd480b36d4ecf737289
SHA512

f25c0c56fe574f215d52bae394ce77fb5414dbdde1ce94ef3605bf4fa14bb1fb573c75e14f9c4749360064e752c506f017b58f51104f4e26b1c5cd5c5a310ef0
SSDEEP

6144:y2EnIW7iI6kSKxU0hJTOz6tcqaF2Mzry+oDXz7iKiqJAkh+fT:yNIsjrSgJ8V2Mzry+oDzOKlJA4+fT

Score

N/A

Malware Config

Signatures

Files

2d6d316c72d9790a45676427638649f7b5666d432a955cd480b36d4ecf737289
.exe windows x86

0b1cd1b67b013c66bb67dd985d3cae5c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLocaleInfoA
IsBadWritePtr
HeapFree
LoadLibraryW
GetStringTypeW
lstrcpynA
lstrcpyA
GetEnvironmentStrings
LocalFree
WideCharToMultiByte
VirtualFree
EnterCriticalSection
FreeEnvironmentStringsA
lstrlenA
LCMapStringA
FreeEnvironmentStringsW
GetCPInfo
QueryPerformanceCounter
LCMapStringW
GetVersion
GetStdHandle
MultiByteToWideChar
HeapAlloc
SetHandleCount
GetACP
ExpandEnvironmentStringsA
LocalAlloc
GetCurrentProcess
GetFileType
HeapCreate
GetCommandLineA
GetModuleFileNameA
GetStartupInfoA
HeapDestroy
GetStringTypeA

user32

wsprintfA
LoadStringA

advapi32

RegQueryValueExA
RegOpenKeyExA
RegCloseKey
RegEnumKeyExA
RegEnumValueA
RegSetValueExA

ntdll

RtlUnwind

Sections

.text
Size: 162KB - Virtual size: 162KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.edata
Size: 69KB - Virtual size: 897KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 50KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy