d5602426d3aa186c9c136896794bf4a3a6ef01a28549d59435549cfae8f90648 | Triage

Submit
Reports

Overview

overview

8

Static

static

d5602426d3...48.exe

windows7-x64

8

d5602426d3...48.exe

windows10-2004-x64

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

d5602426d3aa186c9c136896794bf4a3a6ef01a28549d59435549cfae8f90648.exe

Resource

win7-20220812-en

discovery persistence upx

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral2

Sample

d5602426d3aa186c9c136896794bf4a3a6ef01a28549d59435549cfae8f90648.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

d5602426d3aa186c9c136896794bf4a3a6ef01a28549d59435549cfae8f90648
Size

769KB
MD5

eb270d62a56bb410b715a89cb4b8d496
SHA1

ec0eea7a2a1462995f92cb7f120fa07b8b3267db
SHA256

d5602426d3aa186c9c136896794bf4a3a6ef01a28549d59435549cfae8f90648
SHA512

71d13ea5b06d80af459d35a56006c6ee755f5cc90251d3584061f644a107140454c93f8d52d0a8bc58499008d8a83b98a1f64785231c8e17f4628af6a8cb36e2
SSDEEP

12288:tHTLnLIoy8dInAXRGgG1JuSyF3/BoVZYRp2thlMP4txb7GBHcFZUzED7GcNgrxhi:tfL/ougJ46VZYjclKKbDFyEDtNWpg

Score

N/A

Malware Config

Signatures

Files

d5602426d3aa186c9c136896794bf4a3a6ef01a28549d59435549cfae8f90648
.exe windows x86

7da9d2644f4851198739f42ef18372d5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTickCount
FindClose
SetStdHandle
CreateFileMappingW
RemoveDirectoryA
GetDriveTypeA
Sleep
VirtualProtectEx
ReleaseSemaphore
CreateFileA
WriteFile
GetModuleHandleA
WriteConsoleW
GetCommandLineA
RemoveDirectoryA
GetFileType
ReleaseMutex
CreateDirectoryW
CreateMutexA
FindClose
OpenEventW
DeleteFileA
HeapFree
ResetEvent
lstrlenA

user32

DestroyMenu
PeekMessageA
CreateIcon
MessageBoxA
DrawTextW
DispatchMessageA
IsZoomed
IsWindow
GetClassInfoA
DestroyMenu
GetSysColor
FindWindowA
GetWindowLongA

eappprxy

EapHostPeerEndSession
EapHostPeerEndSession
EapHostPeerEndSession
EapHostPeerEndSession

Sections

.text
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 760KB - Virtual size: 760KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy