0e20a13b6d3996a43a456004d0588d593f3cc5b8cac802814927d6f960f7d927 | Triage

Submit
Reports

Overview

overview

Static

static

0e20a13b6d...27.exe

windows7-x64

0e20a13b6d...27.exe

windows10-2004-x64

5

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

0e20a13b6d3996a43a456004d0588d593f3cc5b8cac802814927d6f960f7d927.exe

Resource

win7-20221111-en

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral2

Sample

0e20a13b6d3996a43a456004d0588d593f3cc5b8cac802814927d6f960f7d927.exe

Resource

win10v2004-20220901-en

windows10-2004-x64

2 signatures

150 seconds

General

Target

0e20a13b6d3996a43a456004d0588d593f3cc5b8cac802814927d6f960f7d927
Size

55KB
MD5

a6a2e96f4c1b6f8b5e54e3af93079cd6
SHA1

4abb26b3c47a473149862d2f78613bb2a315ecdc
SHA256

0e20a13b6d3996a43a456004d0588d593f3cc5b8cac802814927d6f960f7d927
SHA512

cb9e6f7978cdab17ff2156f495607fdf4deb052336154a6bbd0deb434c3b819a7ed0a547a603d926c1151e22cc093f39fae267f53582f0d02f13a56c25421165
SSDEEP

768:4JMQT7LdbkdxaK7BYsTExVU/QpT2dexGDPt+FYyfm3VGESGkgEPmMrwm93:GMQTdbkdxd3nQlaV+qYokVBr

Score

N/A

Malware Config

Signatures

Files

0e20a13b6d3996a43a456004d0588d593f3cc5b8cac802814927d6f960f7d927
.exe windows x86

e285dc986b3a38eea976e524792eedef

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteConsoleW
VirtualProtectEx
GetLastError
RemoveDirectoryA
CreateEventW
CreateMailslotW
FindClose
CreateDirectoryW
lstrlenA
RemoveDirectoryA
ResetEvent
GetFileType
SetEvent
SetLocalTime
OpenEventA
WriteFile
HeapFree
CreateFileMappingW
ReleaseMutex
Sleep
GetCommandLineA
SetStdHandle
GetModuleHandleA
FindClose
DeleteFileA

ntshrui

DllCanUnloadNow
DllCanUnloadNow
DllCanUnloadNow
DllCanUnloadNow
DllCanUnloadNow
DllCanUnloadNow
DllCanUnloadNow
DllCanUnloadNow
DllCanUnloadNow
DllCanUnloadNow
DllCanUnloadNow
DllCanUnloadNow
DllCanUnloadNow

cmcfg32

CMConfig
CMConfig
CMConfig
CMConfig

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 47KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy