2b2d6ecff5919497f9d8a894b25461ebbf495b0de11990a8def50a5e66042a5c | Triage

Submit
Reports

Overview

overview

Static

static

2b2d6ecff5...5c.exe

windows7-x64

2b2d6ecff5...5c.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

2b2d6ecff5919497f9d8a894b25461ebbf495b0de11990a8def50a5e66042a5c.exe

Resource

win7-20220812-en

evasion persistence

windows7-x64

13 signatures

150 seconds

Behavioral task

behavioral2

Sample

2b2d6ecff5919497f9d8a894b25461ebbf495b0de11990a8def50a5e66042a5c.exe

Resource

win10v2004-20221111-en

windows10-2004-x64

7 signatures

150 seconds

General

Target

2b2d6ecff5919497f9d8a894b25461ebbf495b0de11990a8def50a5e66042a5c
Size

175KB
MD5

672abf17efa5ba46e74e653c7b3c059c
SHA1

b6b0c4923a52a91160ee57c9190d2fdbf3176d14
SHA256

2b2d6ecff5919497f9d8a894b25461ebbf495b0de11990a8def50a5e66042a5c
SHA512

68feb27e383e37bd2ae3ce75d91e19f95a7e46406d17f3d58b6d243b0d63595b987e0f52c85248593856fbc3be335af8894257c9dc945a83d495b6f487ce8a71
SSDEEP

3072:0gyzkuvUEri8v3QykfkcinlPzcaZolnIXoMQGQ+V/ME5:0g92UCiOQTfbulKooMA

Score

N/A

Malware Config

Signatures

Files

2b2d6ecff5919497f9d8a894b25461ebbf495b0de11990a8def50a5e66042a5c
.exe windows x86

68494bfb8edba9f25327675a9d26c4a8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetDialogBaseUnits
GrayStringW
CreateMenu
IsWindow
DeferWindowPos
GetDesktopWindow
GetMenuState
SendNotifyMessageW
GetForegroundWindow
AppendMenuW
CloseDesktop
IsZoomed

kernel32

GetModuleHandleA
GetOEMCP
PulseEvent
CreateThread
CreateDirectoryA
GetFileInformationByHandle
SetNamedPipeHandleState
lstrcmpiA

psapi

QueryWorkingSet

shlwapi

PathUnmakeSystemFolderA

advapi32

RegQueryValueExA
RegQueryValueExW
RegReplaceKeyA

Exports

Exports

_ExitWindowsExExitWindowsEx@0

Sections

.text
Size: 137KB - Virtual size: 144KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy