ad9273a6ade080a09c3492cd99f39cc27fa517e3c44d825bde9982510834427b | Triage

Submit
Reports

Overview

overview

7

Static

static

ad9273a6ad...7b.exe

windows7-x64

7

ad9273a6ad...7b.exe

windows10-2004-x64

7

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

ad9273a6ade080a09c3492cd99f39cc27fa517e3c44d825bde9982510834427b.exe

Resource

win7-20220901-en

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

ad9273a6ade080a09c3492cd99f39cc27fa517e3c44d825bde9982510834427b.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

6 signatures

150 seconds

General

Target

ad9273a6ade080a09c3492cd99f39cc27fa517e3c44d825bde9982510834427b
Size

176KB
MD5

df4cbc5b1363f5c2d3a34be5ca069569
SHA1

0ff1c800a301a06caa4a6b52630a944653a80045
SHA256

ad9273a6ade080a09c3492cd99f39cc27fa517e3c44d825bde9982510834427b
SHA512

6332c0fc0fb70dc1b6ec405c41ff2da370c13c7d1e1dbbae687af2b61f677d56f0476ff1814f07aa56f902e5f2129cafbf5b50c81711258016dc48c9f4b2c69e
SSDEEP

3072:LhxvOvoq1qNvoNzlCnnfdcPlHIWOSTVNAyMMULmMng0yslB7d8w:L/Wj4uNzlefdaHicULpngulM

Score

N/A

Malware Config

Signatures

Files

ad9273a6ade080a09c3492cd99f39cc27fa517e3c44d825bde9982510834427b
.exe windows x86

6e1a1b024a09b4ee08e5a1d9b5bc6bf4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHCreateDirectoryExW
CommandLineToArgvW
SHGetSpecialFolderLocation

msvcrt

wprintf
wcsstr
printf
memset
free
exit
_wcslwr
_wcsdup
_ismbblead
_exit
_controlfp
_cexit
_amsg_exit
__setusermatherr
__set_app_type
__p__fmode
__p__commode
__getmainargs
_XcptFilter
_initterm

user32

IsWindow

gdi32

ArcTo
PolyDraw

kernel32

lstrlenW
VirtualProtect
VirtualFree
VirtualAlloc
UnhandledExceptionFilter
ExitProcess
Sleep
SetUnhandledExceptionFilter
InterlockedExchange
GetProcAddress
GetModuleHandleA
GetCurrentProcessId
FindNextFileW
FindFirstFileW
TerminateProcess

advapi32

RegCloseKey
RegOpenKeyExW
RegQueryValueExW

Exports

Exports

AInputSegment
AInputStream
CreateIndex
DescribeLayerPlane
GetQueryParameterInfo
HrEtreamSeekBegin
PszDupLenA
QueryMemStatus

Sections

.text
Size: 55KB - Virtual size: 54KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 100KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 414B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy