954a8b31525eb44a15b4ef84bc663bd408000ae7852f6d167e8f83230da5f814 | Triage

Submit
Reports

Overview

overview

8

Static

static

954a8b3152...14.exe

windows7-x64

8

954a8b3152...14.exe

windows10-2004-x64

8

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

954a8b31525eb44a15b4ef84bc663bd408000ae7852f6d167e8f83230da5f814.exe

Resource

win7-20220812-en

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

954a8b31525eb44a15b4ef84bc663bd408000ae7852f6d167e8f83230da5f814.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

5 signatures

150 seconds

General

Target

954a8b31525eb44a15b4ef84bc663bd408000ae7852f6d167e8f83230da5f814
Size

16KB
MD5

71abd5de76d76b17bce93a0a7d8d4d36
SHA1

9218d722a0e8aab0da520a42879218d70f4cb13f
SHA256

954a8b31525eb44a15b4ef84bc663bd408000ae7852f6d167e8f83230da5f814
SHA512

21c46325f98abb65a964e90eadaf2d5a175a4a25a9adf7b3967e3a283fea80992e2f99400c366db9be95542bf12f378a264ca58e48f7441ee56f51bd8b6ef115
SSDEEP

384:5MxF8lNW0ax/F82+rrlTCirMxRZv6mFhzF4xm:5Mztj3+UWMP31

Score

N/A

Malware Config

Signatures

Files

954a8b31525eb44a15b4ef84bc663bd408000ae7852f6d167e8f83230da5f814
.exe windows x86

7657ec3df70fc3da4828ab7a0bc5e2ef

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegSetValueExA
RegOpenKeyExA
RegCloseKey

shlwapi

StrStrA

kernel32

lstrlenA
lstrcpyA
ExitProcess
GetLastError
CopyFileA
CloseHandle
WriteFile
ReadFile
OpenFile
SetFileAttributesA
lstrcmpiA
GetFileAttributesA
lstrcpynA
lstrcatA
GetWindowsDirectoryA
GetModuleFileNameA
GetProcAddress
GetModuleHandleA
CreateToolhelp32Snapshot
SizeofResource
LoadResource
FindResourceA
CreateProcessA
DeleteFileA
Sleep
SetThreadPriority
GetCurrentThread
SetPriorityClass
GetCurrentProcess
GetEnvironmentVariableA
GetExitCodeThread
FreeLibrary
WaitForSingleObject
LoadLibraryA
OpenProcess
GetVersion
LockResource
GetCommandLineA
DuplicateHandle
VirtualAllocEx
CreateRemoteThread
SetLastError

user32

CharUpperA

shell32

ShellExecuteExA

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy