6ad94f0b3cb948d19c342285aad600a36a47a1131d70986434ea5e639bc3041e | Triage

Submit
Reports

Overview

overview

1

Static

static

6ad94f0b3c...1e.exe

windows7-x64

6ad94f0b3c...1e.exe

windows10-2004-x64

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

6ad94f0b3cb948d19c342285aad600a36a47a1131d70986434ea5e639bc3041e.exe

Resource

win7-20220901-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

6ad94f0b3cb948d19c342285aad600a36a47a1131d70986434ea5e639bc3041e.exe

Resource

win10v2004-20221111-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

6ad94f0b3cb948d19c342285aad600a36a47a1131d70986434ea5e639bc3041e
Size

8KB
MD5

98785c2a610e02f13ad34ac4600bcf5d
SHA1

57193e51f829b0240aa2a54d4efeceacae89bb2f
SHA256

6ad94f0b3cb948d19c342285aad600a36a47a1131d70986434ea5e639bc3041e
SHA512

51d3fb5e533888ae8e707b34d5d13f875865b4bf565962634d2f05d5ebcc908dc222358964f08d9ad76d055e3b04a2bcede29b658f25770af835f8ac11424269
SSDEEP

192:Oo8xBPlqnEPZMuOh/ylR8wki8zyRneIlRv9:riZMuVX7RnxvV

Score

N/A

Malware Config

Signatures

Files

6ad94f0b3cb948d19c342285aad600a36a47a1131d70986434ea5e639bc3041e
.exe windows x86

a0e30e827f19d15a611e7981a52bf25a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleW
GlobalFree
InterlockedExchange
CreateMutexA
FindVolumeClose
WriteFile
VirtualAlloc
GetEnvironmentVariableW
lstrlenA
GetACP
CreateEventA
GetExitCodeProcess
ResumeThread
LocalFree
GlobalSize
CloseHandle
ResetEvent
GetPrivateProfileIntW
GetCommandLineA
GetStdHandle

advapi32

RegEnumKeyW
RegDeleteKeyA
IsValidSid
ControlService
IsValidAcl
ClearEventLogA
RegCreateKeyExW
RegQueryValueW
CreateServiceA
RegCloseKey
CloseEventLog
RegDeleteValueA
IsTextUnicode

admparse

ResetAdmDirtyFlag
ResetAdmDirtyFlag
ResetAdmDirtyFlag
AdmClose
ResetAdmDirtyFlag

appwiz.cpl

ConfigStartMenu

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 352KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 295KB - Virtual size: 294KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy