da7b3b74baff0ef25518cf3ceee92b50b7b01238f50d13d2390c9d5a6f289799 | Triage

Submit
Reports

Overview

overview

9

Static

static

da7b3b74ba...99.exe

windows7-x64

9

da7b3b74ba...99.exe

windows10-2004-x64

9

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

da7b3b74baff0ef25518cf3ceee92b50b7b01238f50d13d2390c9d5a6f289799.exe

Resource

win7-20220812-en

discovery evasion

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

da7b3b74baff0ef25518cf3ceee92b50b7b01238f50d13d2390c9d5a6f289799.exe

Resource

win10v2004-20221111-en

discovery evasion persistence

windows10-2004-x64

7 signatures

150 seconds

General

Target

da7b3b74baff0ef25518cf3ceee92b50b7b01238f50d13d2390c9d5a6f289799
Size

1.0MB
MD5

04ac079d3f6cd8a661c4e338f4cc98c7
SHA1

baf12caf20696359859aaf603c98e949b2fa44ad
SHA256

da7b3b74baff0ef25518cf3ceee92b50b7b01238f50d13d2390c9d5a6f289799
SHA512

acec4c421863263a8baf74a8e2206cde33cf9642f7dd6d985ee47c99d204ca52b9d9f1a52f39cbb8c5c8e65e34d585b2a972d5fa84da1f51fe7396a4a98a6499
SSDEEP

12288:jdg3oWpaEJpKtTLTYdgjSSlIWpF/NYfQgskz/Sa:Rg3ooaWpKtMdgjhIQNIHS

Score

N/A

Malware Config

Signatures

Files

da7b3b74baff0ef25518cf3ceee92b50b7b01238f50d13d2390c9d5a6f289799
.exe windows x86

b591082cb28ea20f89cdc38b51b06a89

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentThreadId
GetFullPathNameA
GetLastError
GetModuleHandleA
GetProcAddress
GetSystemTimeAsFileTime
GetTickCount
LoadLibraryA
GetCurrentProcessId
SetUnhandledExceptionFilter
TerminateProcess
UnhandledExceptionFilter
lstrcpyA
lstrcpynA
lstrlenA
GetCurrentProcess
FreeLibrary
GetDriveTypeA
GetModuleHandleW
CreateFileA
VirtualAlloc
QueryPerformanceCounter

user32

LoadCursorW
GetSysColor
LoadCursorA

advapi32

RegQueryValueExA
RegOpenKeyExA
DeleteService
OpenSCManagerA
OpenServiceA
CloseServiceHandle

msvcrt

_XcptFilter
__getmainargs
__initenv
__p__commode
__p__fmode
__set_app_type
__setusermatherr
_adjust_fdiv
_c_exit
_cexit
_controlfp
_except_handler3
_exit
_initterm
_stricmp
exit
free
malloc
printf

Sections

.text
Size: 1000KB - Virtual size: 999KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy