817d7a8f1e197884b7c448c984601492f11b7f1c24ccfca400ad991fe805e3f3 | Triage

Submit
Reports

Overview

overview

8

Static

static

817d7a8f1e...f3.exe

windows7-x64

8

817d7a8f1e...f3.exe

windows10-2004-x64

8

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

817d7a8f1e197884b7c448c984601492f11b7f1c24ccfca400ad991fe805e3f3.exe

Resource

win7-20220812-en

discovery persistence upx

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral2

Sample

817d7a8f1e197884b7c448c984601492f11b7f1c24ccfca400ad991fe805e3f3.exe

Resource

win10v2004-20220901-en

discovery persistence upx

windows10-2004-x64

3 signatures

150 seconds

General

Target

817d7a8f1e197884b7c448c984601492f11b7f1c24ccfca400ad991fe805e3f3
Size

749KB
MD5

5124881fc5fe46461dbe9986c4410e21
SHA1

eb2e332f2224d5022547ebc2db49f82d6816c6cd
SHA256

817d7a8f1e197884b7c448c984601492f11b7f1c24ccfca400ad991fe805e3f3
SHA512

5a32991f53e5725eca4bd2a6e9fd364a30c898e4776b4e3f5f015b26a50484853f908df82865d9168a422e2fdd6d046ec416538fdaa2d18e81844a50502c33b8
SSDEEP

12288:pA1Cwy0FS44RQ3PJR/3LUXP2UUZkhwpNPliDI7aFf7aEGrtXWHxkks//w6e:pXJrSR/7sUZkENis+x38mxnsXw

Score

N/A

Malware Config

Signatures

Files

817d7a8f1e197884b7c448c984601492f11b7f1c24ccfca400ad991fe805e3f3
.exe windows x86

d6cdb8a8adc4709d4b9f2591c91e3657

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

RemoveDirectoryA
ResetEvent
WriteFile
OpenEventA
SetLocalTime
GetModuleHandleA
CreateFileMappingW
CreateEventW
Sleep
FindClose
SetStdHandle
CreateDirectoryW
GetFileType
ReleaseMutex
SetEvent
RemoveDirectoryA
FindClose
GetLastError
DeleteFileA
WriteConsoleW
HeapFree
VirtualProtectEx
GetCommandLineA
CreateMailslotW
lstrlenA

ntshrui

DllCanUnloadNow
DllCanUnloadNow
DllCanUnloadNow
DllCanUnloadNow
DllCanUnloadNow
DllCanUnloadNow
DllCanUnloadNow
DllCanUnloadNow
DllCanUnloadNow
DllCanUnloadNow
DllCanUnloadNow
DllCanUnloadNow
DllCanUnloadNow

cmcfg32

CMConfig
CMConfig
CMConfig
CMConfig

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 741KB - Virtual size: 740KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy