5c266669faa0f6f4469002fefaab7d622863234b59f391c67f157b391ec2f001 | Triage

Submit
Reports

Overview

overview

Static

static

5c266669fa...01.exe

windows7-x64

5c266669fa...01.exe

windows10-2004-x64

1

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

5c266669faa0f6f4469002fefaab7d622863234b59f391c67f157b391ec2f001.exe

Resource

win7-20221111-en

evasion persistence

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

5c266669faa0f6f4469002fefaab7d622863234b59f391c67f157b391ec2f001.exe

Resource

win10v2004-20221111-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

5c266669faa0f6f4469002fefaab7d622863234b59f391c67f157b391ec2f001
Size

182KB
MD5

b2f9c4d7a56ba2010ce7df5095cd2b88
SHA1

7fee93691e62a57a8bf31ab4e09ef7770af3bd27
SHA256

5c266669faa0f6f4469002fefaab7d622863234b59f391c67f157b391ec2f001
SHA512

5b4d59252ed4d0c39fcbe571d538ce44b90d9fefe7f7948f25afc23717ad7e32b190d51744e63ecbc77d15e685ddd58ab9f6873396a449f2dabcf0d46bd22a53
SSDEEP

3072:iSexSO8y/9VZ92PMcTaeV11n722A8J3DtVpXsjRmTdkCV6g166lRgeMTALTpDdgl:ix9Z/9EP3tV72ITtrTWe6gpTC5

Score

N/A

Malware Config

Signatures

Files

5c266669faa0f6f4469002fefaab7d622863234b59f391c67f157b391ec2f001
.exe windows x86

2bca9d28cbf40dd6c6b8d638a1c60076

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_BYTES_REVERSED_HI

Imports

winspool.drv

ClosePrinter

kernel32

GetVersionExW
lstrcpyA
RemoveDirectoryW
lstrcmpiW
LoadLibraryA
lstrcmpW
ExpandEnvironmentStringsW
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
GlobalFree
GetModuleHandleW
LoadLibraryExW
FreeLibrary
WritePrivateProfileStringW
GetPrivateProfileStringW
WideCharToMultiByte
MulDiv
lstrlenA
WriteFile
ReadFile
MultiByteToWideChar

shell32

ord201
ShellExecuteA

advapi32

RegQueryValueExW
RegOpenKeyExW
ElfOpenBackupEventLogA
RegSetValueExW
RegCreateKeyExW
RegCloseKey

Sections

.text
Size: 125KB - Virtual size: 124KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 968B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 54KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy