951d38be6c3de6655ed033331a18250b22466379b56eae6c20058d82054f1f10 | Triage

Submit
Reports

Overview

overview

8

Static

static

951d38be6c...10.exe

windows7-x64

8

951d38be6c...10.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

951d38be6c3de6655ed033331a18250b22466379b56eae6c20058d82054f1f10.exe

Resource

win7-20220812-en

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

951d38be6c3de6655ed033331a18250b22466379b56eae6c20058d82054f1f10.exe

Resource

win10v2004-20221111-en

windows10-2004-x64

5 signatures

150 seconds

General

Target

951d38be6c3de6655ed033331a18250b22466379b56eae6c20058d82054f1f10
Size

305KB
MD5

1db3c5f1d2802042ecf2cf15b76c81f4
SHA1

bdfff96b14844755812934554273192ede415373
SHA256

951d38be6c3de6655ed033331a18250b22466379b56eae6c20058d82054f1f10
SHA512

724c1a794599c0e10b0e099ef297a504b9c0ecbe5b5f36ad299fabb798270e92c6229f7494a38b677090ae669e3dc384bf49039c9c91dad45bf2b369c24e69a1
SSDEEP

6144:jBxOJXQvWbbVA7p6NmcKBPW+0c7+rccR5bqoUH8AO:jBiYWbbVLtKBOlc7ly3Uz

Score

N/A

Malware Config

Signatures

Files

951d38be6c3de6655ed033331a18250b22466379b56eae6c20058d82054f1f10
.exe windows x86

2b8496cca7e0f068cb3ce819553878d4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
DeleteFileA
Sleep
GetTickCount
SetLastError
lstrlenA
GetLocalTime
CreateMutexA
SetLastError
GetStartupInfoA
GlobalFree
HeapSize
CloseHandle
CreateSemaphoreA
CreateHardLinkA
SetEvent
VirtualProtectEx
CreateDirectoryW
GetFileAttributesW
WriteConsoleA
GetProcessHeap

rsaenh

DllUnregisterServer
DllUnregisterServer
DllUnregisterServer
DllUnregisterServer
DllUnregisterServer
DllUnregisterServer
DllUnregisterServer
DllUnregisterServer
DllUnregisterServer
DllUnregisterServer
DllUnregisterServer
DllUnregisterServer
DllUnregisterServer

wmdmlog

DllGetClassObject
DllUnregisterServer
DllRegisterServer
DllCanUnloadNow

wininet

FtpCommandW

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 296KB - Virtual size: 296KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy