881277ca648fe3c98e6fcc50273f044dba5da8ded3e80b3c56d5467a3be66bc3 | Triage

Submit
Reports

Overview

overview

8

Static

static

881277ca64...c3.exe

windows7-x64

8

881277ca64...c3.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

881277ca648fe3c98e6fcc50273f044dba5da8ded3e80b3c56d5467a3be66bc3.exe

Resource

win7-20221111-en

discovery persistence upx

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

881277ca648fe3c98e6fcc50273f044dba5da8ded3e80b3c56d5467a3be66bc3.exe

Resource

win10v2004-20221111-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

881277ca648fe3c98e6fcc50273f044dba5da8ded3e80b3c56d5467a3be66bc3
Size

822KB
MD5

c7b133c9448165e21505b017e2c3ea5d
SHA1

629d450720736dbff5457b16d8951fff435b6560
SHA256

881277ca648fe3c98e6fcc50273f044dba5da8ded3e80b3c56d5467a3be66bc3
SHA512

efa39ad1aaeb4c78806ff8905a9d7234f0353d013e06a3be4444c44b565c6cd36f23f9c2b699abe6eafefcd2b9f0b2ab7a81d534033131ec0b9cce50506ba649
SSDEEP

12288:oN2UURTDs0wxj02q22Lpm7OWCzuO/W1eDc8oYVuGyFnfCL3XvxvGpU3kdY+:oNdUJg0jZMOzzuO/W1e7uGpLPYIU

Score

N/A

Malware Config

Signatures

Files

881277ca648fe3c98e6fcc50273f044dba5da8ded3e80b3c56d5467a3be66bc3
.exe windows x86

54d20b7a76c80c0ad98b6ce48e37997b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalFree
GetEnvironmentVariableA
lstrlenA
GlobalSize
LocalFree
ResumeThread
CreateEventA
InterlockedExchange
GetModuleHandleW
WriteFile
CloseHandle
ResetEvent
GetDriveTypeW
GetExitCodeProcess
VirtualAlloc
GetPrivateProfileIntW
FindVolumeClose
GetCommandLineA
CreateMutexA
GetACP

user32

GetCursorInfo
EndDialog
SetFocus
CallWindowProcW
DispatchMessageA
GetSysColor
GetKeyboardType
GetSysColor
GetClientRect
CreateWindowExA
IsWindow
GetClassInfoA
DrawStateW

avicap32

videoThunk32
videoThunk32
videoThunk32
AppCleanup
videoThunk32

sysdm.cpl

NoExecuteAddFileOptOutList

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 812KB - Virtual size: 812KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy