0d095eb89f291625f8e22b79d27694f2b3d0b935bf3bdb7a5428f7b51fe9336e | Triage

Submit
Reports

Overview

overview

8

Static

static

Imdisk/ImD...75.exe

windows7-x64

8

Imdisk/ImD...75.exe

windows10-2004-x64

8

Imdisk/西...��.url

windows7-x64

1

Imdisk/西...��.url

windows10-2004-x64

1

Imdisk/西...��.url

windows7-x64

1

Imdisk/西...��.url

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

Imdisk/ImDisk_GUI_1.75.exe

Resource

win7-20221111-en

discovery persistence

windows7-x64

16 signatures

150 seconds

Behavioral task

behavioral2

Sample

Imdisk/ImDisk_GUI_1.75.exe

Resource

win10v2004-20220812-en

discovery persistence

windows10-2004-x64

15 signatures

150 seconds

Behavioral task

behavioral3

Sample

Imdisk/西西软件园.url

Resource

win7-20221111-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral4

Sample

Imdisk/西西软件园.url

Resource

win10v2004-20221111-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral5

Sample

Imdisk/西西软件园_百度搜索.url

Resource

win7-20220812-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral6

Sample

Imdisk/西西软件园_百度搜索.url

Resource

win10v2004-20221111-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

0d095eb89f291625f8e22b79d27694f2b3d0b935bf3bdb7a5428f7b51fe9336e
Size

692KB
MD5

d5dbe30009a06122552b21e93b985a48
SHA1

61c0bd269a2a6809f152ccc75053ee51641602f5
SHA256

0d095eb89f291625f8e22b79d27694f2b3d0b935bf3bdb7a5428f7b51fe9336e
SHA512

c3797f0a39a210b9a7dac9f4326742d186c0cdebafa421be2673f7cee0b7b8c5282805c91f4144c5ce3e8256da5f66bdc55637b66bc309edf9a363b86f323082
SSDEEP

12288:u+yNnppEOxakiEskGJdVLEO8CMVO3rD8BllNJfKTSlnHHrW/eUvF:ujVpZ0kiqG7p18CMw3rD8njCoiNt

Score

N/A

Malware Config

Signatures

Files

0d095eb89f291625f8e22b79d27694f2b3d0b935bf3bdb7a5428f7b51fe9336e
.zip
Imdisk/ImDisk_GUI_1.75.exe
.exe windows x86

026f04fe12a674fecc1094ebe07a66cf

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

user32

GetDC

gdi32

BitBlt

advapi32

FreeSid

shell32

DragQueryFileW

ole32

CoCreateInstance

oleaut32

SysAllocString

version

VerQueryValueW

setupapi

CM_Get_Parent

shlwapi

StrStrW

Exports

Exports

MemoryCopy
WndProc1
WndProc2
WndProc3
_WndProc1P@16
_WndProc2p@16
_WndProc3p@16

Sections

.MPRESS1
Size: 671KB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 39KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Imdisk/西西软件园.txt
Imdisk/西西软件园.url
.url
Imdisk/西西软件园_百度搜索.url
.url

© 2018-2025

Terms | Privacy