858f047da1261ab3dba012393eedb2dc2d557d0fd27ef7b9f0189b2d308f71f8 | Triage

Submit
Reports

Overview

overview

6

Static

static

858f047da1...f8.exe

windows7-x64

6

858f047da1...f8.exe

windows10-2004-x64

6

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

858f047da1261ab3dba012393eedb2dc2d557d0fd27ef7b9f0189b2d308f71f8.exe

Resource

win7-20220901-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral2

Sample

858f047da1261ab3dba012393eedb2dc2d557d0fd27ef7b9f0189b2d308f71f8.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

2 signatures

150 seconds

General

Target

858f047da1261ab3dba012393eedb2dc2d557d0fd27ef7b9f0189b2d308f71f8
Size

37KB
MD5

648acadccc56485eab9fe45bd8dc6554
SHA1

44589f1b6245d4fb9784b900f0a8b44fd4f406df
SHA256

858f047da1261ab3dba012393eedb2dc2d557d0fd27ef7b9f0189b2d308f71f8
SHA512

c0e911d37f7aba242ec2597185c3f7390532f9e28a843686b3c24af1f0229ef7e33f033adb67976fda57751a91a39123cd6a200239c6194fca4f09ce8c13aecd
SSDEEP

384:+6Safyv/CBR14jgijkCwZk4rtJC3oWHARsHaSkCOH+zpuMBGTmiiGWi/owHxXvjk:+3U2iu+kYJlMOH3FnToIf1898W3B

Score

N/A

Malware Config

Signatures

Files

858f047da1261ab3dba012393eedb2dc2d557d0fd27ef7b9f0189b2d308f71f8
.exe windows x86

cd23c16193dab87c8817956d8f56508f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpynA
lstrcpyA
GlobalMemoryStatus
GetModuleHandleA
FreeLibrary
GetStartupInfoA
CloseHandle
GetProcAddress
ExitThread
WinExec
GetCurrentProcess
Sleep
CreateThread
GetTickCount
LoadLibraryA

user32

wsprintfA

msvcrt

_controlfp
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
rand
strcpy
memcpy
memset
printf
srand
time
strncpy
strcspn
strlen
strstr
strcat
atoi
sprintf
strchr
??2@YAPAXI@Z
__CxxFrameHandler
_CxxThrowException
_except_handler3
??3@YAXPAX@Z
??1type_info@@UAE@XZ
_exit
_XcptFilter
exit
_acmdln

ws2_32

sendto
inet_addr
htons
setsockopt
WSASocketA
WSAStartup
closesocket
send
connect
socket
shutdown
gethostbyname
inet_ntoa
htonl

Sections

.text
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy