82e61c17179e9e54ef044c38c0ebd84757e268c7befada209798a358999764a0 | Triage

Submit
Reports

Overview

overview

8

Static

static

82e61c1717...a0.exe

windows7-x64

8

82e61c1717...a0.exe

windows10-2004-x64

8

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

82e61c17179e9e54ef044c38c0ebd84757e268c7befada209798a358999764a0.exe

Resource

win7-20221111-en

evasion persistence upx

windows7-x64

13 signatures

150 seconds

Behavioral task

behavioral2

Sample

82e61c17179e9e54ef044c38c0ebd84757e268c7befada209798a358999764a0.exe

Resource

win10v2004-20220901-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

82e61c17179e9e54ef044c38c0ebd84757e268c7befada209798a358999764a0
Size

233KB
MD5

f378fe32cea271f78c8f96d1b1eb79ab
SHA1

53ceb36f522bd36963929b17a07a20070ca8cddb
SHA256

82e61c17179e9e54ef044c38c0ebd84757e268c7befada209798a358999764a0
SHA512

f879f33a4a7cbc475f9444787c5adca7cf751b04eb144b557f072c72767449aab0d4d700aedb7dae967e7c1c9ba77d007226784ad87dfe88eadec864edf5e8b1
SSDEEP

6144:mhczSK0xst01yWrWfZFykIn/dTTl+nqQp6SCDNYnrHz:hzpm1ZSfZFWVQcSfnDz

Score

N/A

Malware Config

Signatures

Files

82e61c17179e9e54ef044c38c0ebd84757e268c7befada209798a358999764a0
.exe windows x86

6b8015d82682bbb88e80fe9d26dd429a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InitializeCriticalSection
WaitForSingleObject
ReleaseMutex
HeapSize
SuspendThread
CreateMutexW
ResetEvent
AddAtomA
ExitProcess
CreateFileA
GetModuleHandleA
HeapCreate
GetTickCount
GetCurrentDirectoryA
DeleteFileA
FindClose
GetTickCount
SetEndOfFile
GetFileSize
GetSystemInfo
GetStartupInfoW
GetEnvironmentVariableA
CloseHandle
HeapDestroy
SetLastError

shell32

ShellAboutA
DuplicateIcon
DragAcceptFiles
DragQueryFileA
ShellMessageBoxA
SHGetMalloc
SHGetSettings
SHGetDiskFreeSpaceA
SHFree
ExtractIconA
DragFinish
StrChrA
DllUnregisterServer

dswave

DllGetClassObject
DllGetClassObject
DllGetClassObject
DllGetClassObject

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 724KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 226KB - Virtual size: 226KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy