bab8cfe052267af8cd93349c00aa5ed7a077424e8d2180f021d5367f18c0d36d | Triage

Submit
Reports

Overview

overview

8

Static

static

bab8cfe052...6d.exe

windows7-x64

8

bab8cfe052...6d.exe

windows10-2004-x64

8

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

bab8cfe052267af8cd93349c00aa5ed7a077424e8d2180f021d5367f18c0d36d.exe

Resource

win7-20221111-en

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

bab8cfe052267af8cd93349c00aa5ed7a077424e8d2180f021d5367f18c0d36d.exe

Resource

win10v2004-20221111-en

windows10-2004-x64

5 signatures

150 seconds

General

Target

bab8cfe052267af8cd93349c00aa5ed7a077424e8d2180f021d5367f18c0d36d
Size

50KB
MD5

f38cd9484c4a5914e4cb3e9d03c61deb
SHA1

f8cddca98332765912698d82385c97184cd51282
SHA256

bab8cfe052267af8cd93349c00aa5ed7a077424e8d2180f021d5367f18c0d36d
SHA512

e0e949e28cf19a194a17103fdfeeec7564ece79752de6508f3bb317aa0942267934c73473231de7d36ca0f064cea63664b685d39dbfcdff9c8f359dcca11b397
SSDEEP

768:UXg140EjFo01iDTukGrK8sCK1CkH015wHeqbodQeYBEbSbhLT:qg140EhiDT101sCKIkHbHBMQeuhL

Score

N/A

Malware Config

Signatures

Files

bab8cfe052267af8cd93349c00aa5ed7a077424e8d2180f021d5367f18c0d36d
.exe windows x86

0588202b0d0038eef7d6af69d8ed6153

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegSetValueExA
RegOpenKeyExA
RegCloseKey

shlwapi

StrStrA

kernel32

lstrlenA
lstrcpyA
ExitProcess
GetLastError
CopyFileA
CloseHandle
WriteFile
ReadFile
OpenFile
SetFileAttributesA
lstrcmpiA
GetFileAttributesA
lstrcpynA
lstrcatA
GetWindowsDirectoryA
GetModuleFileNameA
GetProcAddress
GetModuleHandleA
CreateToolhelp32Snapshot
SizeofResource
LoadResource
FindResourceA
HeapFree
CreateProcessA
HeapAlloc
GetProcessHeap
DeleteFileA
Sleep
ExitThread
SetThreadPriority
GetCurrentThread
GetEnvironmentVariableA
GetVersion
OpenMutexA
OpenProcess
SetLastError
LockResource
GetCommandLineA
DuplicateHandle
GetCurrentProcess
VirtualAllocEx
CreateRemoteThread
GetExitCodeThread
WaitForSingleObject

user32

CharUpperA

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 43KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy