09696d49a857d38d35bc332f62176e36dbb9ede82f01f82a8db378c168ec5aca | Triage

Submit
Reports

Overview

overview

8

Static

static

09696d49a8...ca.exe

windows7-x64

8

09696d49a8...ca.exe

windows10-2004-x64

8

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

09696d49a857d38d35bc332f62176e36dbb9ede82f01f82a8db378c168ec5aca.exe

Resource

win7-20220812-en

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

09696d49a857d38d35bc332f62176e36dbb9ede82f01f82a8db378c168ec5aca.exe

Resource

win10v2004-20221111-en

windows10-2004-x64

3 signatures

150 seconds

General

Target

09696d49a857d38d35bc332f62176e36dbb9ede82f01f82a8db378c168ec5aca
Size

175KB
MD5

131cc243c16f66af59ea44f584f28920
SHA1

9324524b96fc4e1078dfb2e7e9b0d1d6561ba201
SHA256

09696d49a857d38d35bc332f62176e36dbb9ede82f01f82a8db378c168ec5aca
SHA512

77808b7268a85c9583a62fce963dffb177716420cca3c18103893be3d74ade36d6b50c57a378a65ba5c70ef1542fa5b4b720ff76e6a0a163dd7354c8d1c058f5
SSDEEP

3072:1uoBFe14D81ADyvm9foJ4AtLDhOLZsNp7celajOleOx/FNhEXM6f4Dzv:1uoBFegDSm9gTLDILyjRAceOx/FnE1fK

Score

N/A

Malware Config

Signatures

Files

09696d49a857d38d35bc332f62176e36dbb9ede82f01f82a8db378c168ec5aca
.exe windows x86

5b412c50037ead7e15922a105ab847df

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

CreateFileA
GetLastError
GetProcAddress
GetTempPathA
LoadLibraryA
VirtualProtect
SetThreadUILanguage
GetModuleHandleW
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetCurrentProcess
UnhandledExceptionFilter
GetStdHandle
WideCharToMultiByte
FormatMessageW
LocalFree
CloseHandle
lstrlenW
CreateFileW

user32

GetCursorPos
EnumChildWindows
SetTimer
SetFocus
LoadIconW
ShowWindow
SetWindowLongW
SendMessageW
GetDlgItem
GetWindowLongW

advapi32

RegOpenKeyExW
RegQueryValueExW
RegCloseKey

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 126KB - Virtual size: 125KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 12B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 54B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2024

Terms | Privacy