6b3dfea454001cf9bbc0372a9267b865098d1b9f0b839b6414c9bef21ef7da15 | Triage

Submit
Reports

Overview

overview

1

Static

static

6b3dfea454...15.exe

windows7-x64

6b3dfea454...15.exe

windows10-2004-x64

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

6b3dfea454001cf9bbc0372a9267b865098d1b9f0b839b6414c9bef21ef7da15.exe

Resource

win7-20220901-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

6b3dfea454001cf9bbc0372a9267b865098d1b9f0b839b6414c9bef21ef7da15.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

6b3dfea454001cf9bbc0372a9267b865098d1b9f0b839b6414c9bef21ef7da15
Size

29KB
MD5

84e3c69d98121b6a937b4ca50f148696
SHA1

af774eef23044930252471d5946f268380813f94
SHA256

6b3dfea454001cf9bbc0372a9267b865098d1b9f0b839b6414c9bef21ef7da15
SHA512

b5d517b0d8e10606960e1067cbbad7c3860f8361017505a6106c4fb99df6b147f60c69f13ef6504a593827ad4db7e71ed2ab1fb5c9718e3ceb22e0908ae18da9
SSDEEP

384:auLYhh5f9pWKqGwEuQ9t503YlyeqAU1ObIRDV1tfD3rxOkn6ALC14bC/yFg/MeJ7:auehpWK0XAbIf1ND34KrLzg1JpD5

Score

N/A

Malware Config

Signatures

Files

6b3dfea454001cf9bbc0372a9267b865098d1b9f0b839b6414c9bef21ef7da15
.exe windows x86

e7c2d6491347b62c6122330b5f833d04

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

OpenMutexA
CreateMutexA
lstrlen
Sleep
GetOEMCP
OpenProcess
CloseHandle
DeleteFileA
GetTempPathA
GetBinaryTypeA
CreateFileA
GetFileSize
SetFilePointer
ReadFile
CreateProcessA
SetProcessWorkingSetSize
WaitForSingleObject
lstrcpynA
RtlMoveMemory
GetProcessHeap
GetModuleHandleA
ExitProcess
HeapAlloc
HeapReAlloc
HeapFree
IsBadReadPtr
FreeLibrary
GetProcAddress
LoadLibraryA
LCMapStringA

urlmon

URLDownloadToFileA

psapi

GetModuleFileNameExA
EnumProcesses

shlwapi

PathFileExistsA
PathFindFileNameA

wininet

InternetOpenUrlA
InternetReadFile
InternetCloseHandle
InternetOpenA

user32

WaitForInputIdle
wvsprintfA
MessageBoxA
wsprintfA

iphlpapi

GetAdaptersInfo

msvcrt

strncmp
modf
memmove
malloc
free
strchr
_CIfmod
sprintf
??3@YAXPAX@Z
strncpy
tolower
_ftol
atoi

Sections

.text
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2024

Terms | Privacy