fe3a5b4e9eb11978a39ca6b906170eb46256c800494fa1647766f71609f65ff5 | Triage

Submit
Reports

Overview

overview

7

Static

static

fe3a5b4e9e...f5.exe

windows7-x64

7

fe3a5b4e9e...f5.exe

windows10-2004-x64

7

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

fe3a5b4e9eb11978a39ca6b906170eb46256c800494fa1647766f71609f65ff5.exe

Resource

win7-20220901-en

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

fe3a5b4e9eb11978a39ca6b906170eb46256c800494fa1647766f71609f65ff5.exe

Resource

win10v2004-20221111-en

windows10-2004-x64

6 signatures

150 seconds

General

Target

fe3a5b4e9eb11978a39ca6b906170eb46256c800494fa1647766f71609f65ff5
Size

166KB
MD5

958d39fe6e44bcf1c8159000b126586b
SHA1

3aba7886806285c94c5c97fa88a88f584a301f49
SHA256

fe3a5b4e9eb11978a39ca6b906170eb46256c800494fa1647766f71609f65ff5
SHA512

7e00f7e6a06a543a9606672a9d1f5592e0d7c1564eeadbb3f7361e280baa9a3af74071e8a54c2fd168948616495ef8c78acf7b4a17cd03b895f8a34f5e72cbc4
SSDEEP

3072:xmCZPu75vBogHa5I9dZ1wpbT07nz1BxVHwx6OUt0kgMAmS:ZE5mg6K4FI9tMhgg

Score

N/A

Malware Config

Signatures

Files

fe3a5b4e9eb11978a39ca6b906170eb46256c800494fa1647766f71609f65ff5
.exe windows x86

1f045e91c0964ad051033062b9585fba

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegOpenKeyExW
RegQueryValueExW
RegCloseKey

shell32

CommandLineToArgvW
SHCreateDirectoryExW
SHGetSpecialFolderLocation

msvcrt

wprintf
wcsstr
memset
free
exit
_wcslwr
_wcsdup
_ismbblead
_initterm
_exit
_controlfp
_cexit
_amsg_exit
__setusermatherr
__set_app_type
__p__fmode
__p__commode
__getmainargs
_XcptFilter
printf

gdi32

PolyDraw
ArcTo

kernel32

InterlockedExchange
ExitProcess
lstrlenW
VirtualProtect
VirtualFree
VirtualAlloc
FindFirstFileW
TerminateProcess
Sleep
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetProcAddress
GetModuleHandleA
GetCurrentProcessId
FindNextFileW

user32

IsWindow

Exports

Exports

AthwsprintfW
BindContext
EndSession
FMissingCert
GetCurrentIndex2
HrEditPhonebookEntry
PSTSetNewData
PszDupA
SetIndexRange
UpdateRebarBandColors

Sections

.text
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 89KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 347B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy