79aba3ade7d411e49bb46559b2ca8f4bc1dbb29456829f3b6bf447414ee6c63b | Triage

Submit
Reports

Overview

overview

7

Static

static

79aba3ade7...3b.exe

windows7-x64

7

79aba3ade7...3b.exe

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

79aba3ade7d411e49bb46559b2ca8f4bc1dbb29456829f3b6bf447414ee6c63b.exe

Resource

win7-20221111-en

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

79aba3ade7d411e49bb46559b2ca8f4bc1dbb29456829f3b6bf447414ee6c63b.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

6 signatures

150 seconds

General

Target

79aba3ade7d411e49bb46559b2ca8f4bc1dbb29456829f3b6bf447414ee6c63b
Size

174KB
MD5

347706c1241d0f5d57af4bb5a245ade3
SHA1

791ecc2538e2228a079f68f49961b1f953db5a02
SHA256

79aba3ade7d411e49bb46559b2ca8f4bc1dbb29456829f3b6bf447414ee6c63b
SHA512

ef9298cb7430c695f7baf5dce3b472870c1a851b3e16015590ef2c1ccbdc02d10bb65a110b5a30e53dbf1afb5b6b044813967028c9dc6d367b52c0bed168e914
SSDEEP

3072:+VNqkjXrvbelF41mmgcbPuOr+7fhug9U999xSBNJ91E3FQC:+Vdvbef1mPLJ+7fhuaSQ

Score

N/A

Malware Config

Signatures

Files

79aba3ade7d411e49bb46559b2ca8f4bc1dbb29456829f3b6bf447414ee6c63b
.exe windows x86

768ba8fb3680dc23057b742712900845

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBoxW
IsWindow

shell32

SHGetSpecialFolderLocation
SHCreateDirectoryExW
CommandLineToArgvW

kernel32

ExitProcess
FindFirstFileW
FindNextFileW
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetFullPathNameW
GetModuleHandleA
GetProcAddress
SetUnhandledExceptionFilter
Sleep
TerminateProcess
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
VirtualProtect
lstrlenW
InterlockedExchange

msvcrt

_cexit
_controlfp
_exit
_initterm
_ismbblead
_wcsdup
_wcslwr
exit
free
memset
printf
wcsstr
wprintf
_amsg_exit
__setusermatherr
__set_app_type
__p__fmode
__p__commode
_XcptFilter
__getmainargs

gdi32

PolyDraw
ArcTo

advapi32

RegQueryValueExW
RegOpenKeyExW
RegCloseKey

Exports

Exports

CloseDatabase
GotoBookmark
MawDeviceCallback
PszMonthFromIndex
SetFontOnRichEd
Term

Sections

.text
Size: 58KB - Virtual size: 57KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 95KB - Virtual size: 95KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 396B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy