e63bdd2a5a501f6c9abd3d64e979a0d8753c306bcb65ed4ba019934fdaa16b40 | Triage

Submit
Reports

Overview

overview

Static

static

e63bdd2a5a...40.exe

windows7-x64

e63bdd2a5a...40.exe

windows10-2004-x64

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

e63bdd2a5a501f6c9abd3d64e979a0d8753c306bcb65ed4ba019934fdaa16b40.exe

Resource

win7-20221111-en

blackmoon banker bootkit persistence spyware stealer trojan

windows7-x64

15 signatures

150 seconds

Behavioral task

behavioral2

Sample

e63bdd2a5a501f6c9abd3d64e979a0d8753c306bcb65ed4ba019934fdaa16b40.exe

Resource

win10v2004-20220901-en

blackmoon banker bootkit persistence spyware stealer trojan

windows10-2004-x64

14 signatures

150 seconds

General

Target

e63bdd2a5a501f6c9abd3d64e979a0d8753c306bcb65ed4ba019934fdaa16b40
Size

228KB
MD5

afaaa66ecd0ac26d0a165e4204b2b840
SHA1

654b2fb20e1e6e22056f3c33859c1d447de57e3d
SHA256

e63bdd2a5a501f6c9abd3d64e979a0d8753c306bcb65ed4ba019934fdaa16b40
SHA512

2970e9d2075eb66005bba6244419ea2114bbd6d9350374eb9d0393cb2d7d22a36d30a28a73df58de66a90e3d97475e72f7c590ae2a194f868e559de8011a044f
SSDEEP

3072:UUEj+yAcImVqud61e0i475I1piWZIDP8co1E8Rye3szANZOZUpht65w8:Ufj+kImVVd6In4+8zFojssHcUB8

Score

N/A

Malware Config

Signatures

Files

e63bdd2a5a501f6c9abd3d64e979a0d8753c306bcb65ed4ba019934fdaa16b40
.exe windows x86

91a01d7ffc5cfc65a876287ed512727c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
HeapFree
CloseHandle
LCMapStringA
GetProcAddress

user32

wsprintfA
CharLowerBuffA
SetWindowLongA
CreateWindowExA

advapi32

RegQueryValueA
RegDeleteKeyA
RegEnumValueA
RegCloseKey

ole32

CoCreateInstance
CoGetClassObject
CoMarshalInterface

Sections

.text
Size: 11KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 140KB - Virtual size: 277KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.adata
Size: 68KB - Virtual size: 114KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2024

Terms | Privacy