d149af3d6ff68b6a3a369b2bb07dbd376d2705427308a08dd4675edcf63be5e6 | Triage

Submit
Reports

Overview

overview

Static

static

d149af3d6f...e6.exe

windows7-x64

3

d149af3d6f...e6.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

d149af3d6ff68b6a3a369b2bb07dbd376d2705427308a08dd4675edcf63be5e6.exe

Resource

win7-20221111-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral2

Sample

d149af3d6ff68b6a3a369b2bb07dbd376d2705427308a08dd4675edcf63be5e6.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

5 signatures

150 seconds

General

Target

d149af3d6ff68b6a3a369b2bb07dbd376d2705427308a08dd4675edcf63be5e6
Size

67KB
MD5

193daba2707b1b073984b09782dee346
SHA1

858afa40360115eb9b1593fba8c604e1f36a0e7a
SHA256

d149af3d6ff68b6a3a369b2bb07dbd376d2705427308a08dd4675edcf63be5e6
SHA512

9e287259b099f61e3be119154cc2a317a59d9eae97b2f19f271da5aa6ca2aed805aa7b4e912b6449561bdc94ad611e272ede44dc94ac3b24c97e2dc839c1191b
SSDEEP

1536:byoEo22akJmLgfPJ231YUoCg9RRj7LRxBc3tPfiwVXlrx:Pe2akJpfPr5p9RRvLRxBAlfiWz

Score

N/A

Malware Config

Signatures

Files

d149af3d6ff68b6a3a369b2bb07dbd376d2705427308a08dd4675edcf63be5e6
.exe windows x86

f30af535c6dc55142e1dbadbdf18de4c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SendMessageA
GetCursorPos
GetDlgItem
OpenWindowStationA
GetClassNameA
OpenDesktopA
SetThreadDesktop
PeekMessageA
MsgWaitForMultipleObjects
ExitWindowsEx
DrawIcon
DispatchMessageA
GetDlgItemTextA
ToUnicode
GetWindowThreadProcessId
FindWindowExA

advapi32

RegSetValueExA
CryptReleaseContext
DuplicateTokenEx
RegEnumKeyExA
CryptDestroyHash
CryptCreateHash
RegDeleteValueA
GetUserNameW
RegQueryValueExA
RegCreateKeyExA
CryptHashData

kernel32

GetFileAttributesA
VirtualAlloc
ReleaseMutex
HeapReAlloc
VirtualProtect
GetFileTime
FindClose
CloseHandle
GetTickCount
GetCommandLineA
HeapAlloc
LoadLibraryA
lstrlenW
GlobalUnlock
GetModuleFileNameA
CreateProcessW

shlwapi

SHDeleteKeyA
wvnsprintfW
PathFileExistsW
PathFindFileNameW
wvnsprintfA
PathMatchSpecW
wnsprintfA
StrStrW
wnsprintfW
StrCmpNIW
PathRemoveFileSpecW

Sections

.text
Size: 65KB - Virtual size: 65KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy