677297ddffba06c0b77f6627051c2e90ffbd82a8d62adee77fe1dd8ba5685299 | Triage

Submit
Reports

Overview

overview

Static

static

677297ddff...99.exe

windows7-x64

677297ddff...99.exe

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

677297ddffba06c0b77f6627051c2e90ffbd82a8d62adee77fe1dd8ba5685299.exe

Resource

win7-20220812-en

evasion persistence

windows7-x64

14 signatures

150 seconds

Behavioral task

behavioral2

Sample

677297ddffba06c0b77f6627051c2e90ffbd82a8d62adee77fe1dd8ba5685299.exe

Resource

win10v2004-20220901-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

677297ddffba06c0b77f6627051c2e90ffbd82a8d62adee77fe1dd8ba5685299
Size

207KB
MD5

cfda1dbf55448a4dccf56cb18a4997c4
SHA1

b734f8325eec4155420a5c567306f6bdd27ab07d
SHA256

677297ddffba06c0b77f6627051c2e90ffbd82a8d62adee77fe1dd8ba5685299
SHA512

29870effda44ca8c9b10b7e98e28631d5b33ffa82657955a71615192f1aa0a3d5bd53c9505378c3d181cc8afb024309ecefe6d7f32367627cf9e5e125b98a653
SSDEEP

6144:wyZhODiJ4hfV4uRxnwei8ej0EJfhs+5kKFVBfKKns3:wykx4uR9JejNt+4VB1k

Score

N/A

Malware Config

Signatures

Files

677297ddffba06c0b77f6627051c2e90ffbd82a8d62adee77fe1dd8ba5685299
.exe windows x86

0b9efd0e3f7f52bdafd3b5268febfffa

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineA
SetFileAttributesA
GetCurrentDirectoryA
HeapDestroy
ResetEvent
ReleaseMutex
GetFileSize
FindVolumeClose
SetEndOfFile
WaitForSingleObject
GetTickCount
HeapSize
CloseHandle
IsBadCodePtr
FindVolumeClose
GetStartupInfoW
ResumeThread
ExitProcess
VirtualAlloc
EnterCriticalSection
DeleteFileA
GetModuleHandleA
FindAtomA
GetEnvironmentVariableA
CreateFileA

wininet

FtpFindFirstFileA
DeleteUrlCacheEntryA
FtpPutFileA
FtpCreateDirectoryW
HttpEndRequestA
DeleteUrlCacheEntryA
FtpOpenFileA
FtpGetFileW
FtpDeleteFileA
FindCloseUrlCache
FtpGetCurrentDirectoryW
DeleteUrlCacheEntryA
HttpQueryInfoA

sisbkup

SisRestoredLink
SisRestoredLink
SisRestoredLink
SisRestoredLink

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 200KB - Virtual size: 200KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy