7fe42f2f80fcb69354cfbb08db5b4bdffb41b05a9af646e80627df1715f12b6e | Triage

Submit
Reports

Overview

overview

8

Static

static

7fe42f2f80...6e.exe

windows7-x64

8

7fe42f2f80...6e.exe

windows10-2004-x64

1

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

7fe42f2f80fcb69354cfbb08db5b4bdffb41b05a9af646e80627df1715f12b6e.exe

Resource

win7-20221111-en

discovery persistence upx

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral2

Sample

7fe42f2f80fcb69354cfbb08db5b4bdffb41b05a9af646e80627df1715f12b6e.exe

Resource

win10v2004-20221111-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

7fe42f2f80fcb69354cfbb08db5b4bdffb41b05a9af646e80627df1715f12b6e
Size

749KB
MD5

f99bcf20621ed99bc4dc8d59aca8fa0d
SHA1

e829659db18b1d68c410040d3384be31e07272bd
SHA256

7fe42f2f80fcb69354cfbb08db5b4bdffb41b05a9af646e80627df1715f12b6e
SHA512

ece4959aeade61c5482fac4cb389e9cfd6ba951fcf6cb5430f3bfde397eebab73fda3dbd89e49875a4db07db5172cf2162256265eb4d5310e265de9c80b7b7f3
SSDEEP

12288:Qs0NGO+fyCau1SDftAuHvJUdpu61WnuOFtk10rSp77uJK9Q5aW4NfCmFMdHjz8fo:QNNZ0v4KeQpu6A3iqSp77amBNDOjzghi

Score

N/A

Malware Config

Signatures

Files

7fe42f2f80fcb69354cfbb08db5b4bdffb41b05a9af646e80627df1715f12b6e
.exe windows x86

aa1df9b647365afd2ab66f01216ad991

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteConsoleW
ResetEvent
DeleteFileA
WriteFile
CreateDirectoryW
OpenEventA
GetModuleHandleA
RemoveDirectoryA
SetStdHandle
HeapFree
CreateMailslotW
Sleep
ReleaseMutex
FindClose
GetFileType
RemoveDirectoryA
VirtualProtectEx
CreateFileMappingW
lstrlenA
CreateFileA
CreateEventW
FindClose
GetLastError
GetCommandLineA
CancelIo

cryptui

LocalEnroll
WizardFree
LocalEnrollNoDS
CryptUIStartCertMgr
DllRegisterServer
CryptUIWizBuildCTL
CryptUIDlgFreeCAContext
CryptUIWizImport
WizardFree
CryptUIWizDigitalSign
CryptUIDlgViewContext
CryptUIWizExport
DllUnregisterServer

dbnmpntw

ConnectionClose
ConnectionClose
ConnectionClose
ConnectionClose

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 741KB - Virtual size: 740KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy