850e339970a2ad097e963cb62b28b9262d81675a42d29dfb305c92dc735af798 | Triage

Submit
Reports

Overview

overview

1

Static

static

850e339970...98.exe

windows7-x64

850e339970...98.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

850e339970a2ad097e963cb62b28b9262d81675a42d29dfb305c92dc735af798.exe

Resource

win7-20221111-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

850e339970a2ad097e963cb62b28b9262d81675a42d29dfb305c92dc735af798.exe

Resource

win10v2004-20221111-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

850e339970a2ad097e963cb62b28b9262d81675a42d29dfb305c92dc735af798
Size

280KB
MD5

17ec094d3526355daea17e959f6b3fed
SHA1

ae8814f716b297c6d2b7955f75972c699e3dfbf1
SHA256

850e339970a2ad097e963cb62b28b9262d81675a42d29dfb305c92dc735af798
SHA512

2fc7ff0db3571a2d89f824cbba3c694eb6333cb491447d12ec82aec2680d64afcaad0dba6ef4afee17143ee3b03bef6c77e637ab88dbb711ff32739cbab63261
SSDEEP

6144:8/Qk2SEj7ucgwX6LfeTK2AGvApLltJ1t6rzQyx:CQkLEWcgwAUAGvAprt6HQK

Score

N/A

Malware Config

Signatures

Files

850e339970a2ad097e963cb62b28b9262d81675a42d29dfb305c92dc735af798
.exe windows x86

d82ff9b2f632a017fccdb99a03dab205

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ResetEvent
InterlockedExchange
CreateMutexW
FreeConsole
GetPrivateProfileIntW
SuspendThread
CreateEventW
CloseHandle
GetEnvironmentVariableA
GetCommandLineW
VirtualAllocEx
lstrlenA
GetSystemInfo
WriteFile
LoadLibraryW
LocalFree
ReleaseMutex
LocalSize
GlobalFree
GetStdHandle

advapi32

IsValidSid
IsValidSecurityDescriptor
CreateServiceA
CloseEventLog
ControlService
IsTextUnicode
RegEnumKeyW
RegDeleteValueA
RegCreateKeyExW
ClearEventLogW
RegQueryValueW
InitializeSid
RegCloseKey

dssec

DllCanUnloadNow
DllCanUnloadNow
DllCanUnloadNow
DllCanUnloadNow
DllCanUnloadNow

hdwwiz.cpl

InstallNewDevice

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 352KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 295KB - Virtual size: 294KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy