49302badb52051175641f6f34ceb9a7297d133af500a5647fc3f17f8d64c0d42 | Triage

Submit
Reports

Overview

overview

1

Static

static

49302badb5...42.exe

windows7-x64

49302badb5...42.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

49302badb52051175641f6f34ceb9a7297d133af500a5647fc3f17f8d64c0d42.exe

Resource

win7-20220812-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

49302badb52051175641f6f34ceb9a7297d133af500a5647fc3f17f8d64c0d42.exe

Resource

win10v2004-20221111-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

49302badb52051175641f6f34ceb9a7297d133af500a5647fc3f17f8d64c0d42
Size

72KB
MD5

63b0531c78a9e206c12f32c786ad8f40
SHA1

bcf19b83f7ce023a5323b2051c408d96e0485a5b
SHA256

49302badb52051175641f6f34ceb9a7297d133af500a5647fc3f17f8d64c0d42
SHA512

75463afc2e193830f7b022d8afbd2062d76d0abf2e209d2dd491e03866f218f786c8e332d7d6c73c99f12b28e97631e53739ff63883335ea2991e8df7dc2b7af
SSDEEP

1536:wJjutH1JUVOFYdgGjigTFxbDqXbtll06E4QuOZvg0:wJju5UkFG1mCrqBXzQLD

Score

N/A

Malware Config

Signatures

Files

49302badb52051175641f6f34ceb9a7297d133af500a5647fc3f17f8d64c0d42
.exe windows x86

891faff83f1e7fc015b649a32d4ad427

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

ReadConsoleA
GetLastError
CopyFileA
GetLogicalDrives
AddAtomA
ReadConsoleA
SetEvent
CloseHandle
GetFileAttributesA
VirtualProtect
GetStringTypeW
GetPrivateProfileSectionW
HeapDestroy
GetDriveTypeW
Sleep
GetStartupInfoA
lstrlenW
FindAtomW
ReadConsoleA
LoadLibraryW
HeapSize

dsprop

ReportError
FindSheet
FindSheet
MsgBox
ErrMsg
ErrMsg
MsgBox
MsgBox
CheckADsError
FindSheet
ReportError
CheckADsError
ErrMsg

mmcndmgr

DllCanUnloadNow
DllRegisterServer
CreateExecutivePlatform
DllGetClassObject

Sections

.text
Size: 1024B - Virtual size: 855B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 8KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 1.4MB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 802KB - Virtual size: 801KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.import
Size: 512B - Virtual size: 67B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.export
Size: 512B - Virtual size: 20B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy