ac24951b465bfc8470d7a2f3b420aed5265287d5f0477a13629d052391e31469 | Triage

Submit
Reports

Overview

overview

8

Static

static

ac24951b46...69.exe

windows7-x64

8

ac24951b46...69.exe

windows10-2004-x64

1

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

ac24951b465bfc8470d7a2f3b420aed5265287d5f0477a13629d052391e31469.exe

Resource

win7-20220812-en

discovery persistence upx

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral2

Sample

ac24951b465bfc8470d7a2f3b420aed5265287d5f0477a13629d052391e31469.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

ac24951b465bfc8470d7a2f3b420aed5265287d5f0477a13629d052391e31469
Size

749KB
MD5

4b18a594ab0926ba4965d11762b2f81e
SHA1

24de1b1cb05805ef2d9778d3994914531781a752
SHA256

ac24951b465bfc8470d7a2f3b420aed5265287d5f0477a13629d052391e31469
SHA512

c8220ee8eb0cd1a422ddf21e9dab1edf49b1cf22805e5824cf430bf64aaf1c20b76d18f141274c749d0940a172e9d2fe72915e7512e2da6e7f0433f6d4d66096
SSDEEP

12288:SrRDz3X5PoCrCy1YV1Y2K5Mtwm0HCDaV77D5WEsqQqIslq07p/jK7ylpDBbeV4R1:odz37rCy01YpiymNm77D5WbqIslgyBBz

Score

N/A

Malware Config

Signatures

Files

ac24951b465bfc8470d7a2f3b420aed5265287d5f0477a13629d052391e31469
.exe windows x86

95c943bbdbc38f93a8faa5b6edddce57

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

RemoveDirectoryA
GetModuleFileNameA
GetModuleHandleA
WriteFile
CreateThread
CreateSemaphoreW
FindClose
SetLastError
SetStdHandle
HeapCreate
IsBadWritePtr
CreateDirectoryA
GetDriveTypeA
RemoveDirectoryA
ExitThread
CloseHandle
SuspendThread
FindAtomA
GetFileType
SetVolumeLabelA
GetCommandLineA
HeapFree
ResumeThread
GetVersion
CreatePipe

uxtheme

DrawThemeEdge
CloseThemeData
IsThemeActive
SetWindowTheme
OpenThemeData
CloseThemeData
GetThemeColor
GetWindowTheme
DrawThemeBackground
GetThemeBool
GetThemeSysSize
GetThemeTextExtent
GetThemeTextMetrics

olesvr32

OleRevokeServer
OleRevokeServer
OleRevokeServer
OleRevokeServer

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 741KB - Virtual size: 740KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2024

Terms | Privacy