694030bff715f7a95b790dfaf9eda6be11461671ec630b8c05b328e845041141 | Triage

Submit
Reports

Overview

overview

8

Static

static

694030bff7...41.exe

windows7-x64

8

694030bff7...41.exe

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

694030bff715f7a95b790dfaf9eda6be11461671ec630b8c05b328e845041141.exe

Resource

win7-20220901-en

discovery persistence upx

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral2

Sample

694030bff715f7a95b790dfaf9eda6be11461671ec630b8c05b328e845041141.exe

Resource

win10v2004-20220901-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

694030bff715f7a95b790dfaf9eda6be11461671ec630b8c05b328e845041141
Size

741KB
MD5

84459761adc5d1a8bd49ba2740a35ae4
SHA1

587dfd282c613e4f58be3bafcdc9c1cb2e9448b4
SHA256

694030bff715f7a95b790dfaf9eda6be11461671ec630b8c05b328e845041141
SHA512

8b9ba98b96cb5781580f82a7cf4e935494134b857ebafddff69c6108348aadcec7dde58435b301d9e931f471b4cf80a4c810c541f669d6add1fc63038eb4b027
SSDEEP

12288:vEPVvRg1hvtGQ4i7YmeOQc2oNgDetraXeVMb8smpZmC6UPQ8n3eGYGSLxfNFaLWU:MPV5g1J+iBeOQsgDetuXeVMbo4CZPfnB

Score

N/A

Malware Config

Signatures

Files

694030bff715f7a95b790dfaf9eda6be11461671ec630b8c05b328e845041141
.exe windows x86

c273a93d7f074aa61579ee3a6ee1fe0c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeleteFileA
GetTickCount
FindClose
FindClose
GetFileSize
GetCurrentDirectoryA
GetModuleHandleA
ReleaseMutex
HeapCreate
CreateFileA
ResumeThread
InitializeCriticalSection
HeapDestroy
WaitForSingleObject
SetEndOfFile
FindAtomA
HeapSize
GetTickCount
SetFileAttributesA
ExitProcess
IsBadCodePtr
ResetEvent
GetStartupInfoW
GetEnvironmentVariableA
CloseHandle

wininet

FtpGetCurrentDirectoryA
DeleteUrlCacheEntryA
DeleteUrlCacheEntryA
DeleteUrlCacheEntryA
HttpQueryInfoA
FindCloseUrlCache
FtpFindFirstFileA
FtpGetFileA
FtpPutFileA
HttpEndRequestA
FtpDeleteFileA
FtpCreateDirectoryA
FtpOpenFileA

qmgrprxy

DllCanUnloadNow
DllCanUnloadNow
DllCanUnloadNow
DllCanUnloadNow

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 736KB - Virtual size: 735KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy