0b13fe0eba3ff45f50d2bd481bfd510351e8128194162a950dd61896bc1098d2 | Triage

Submit
Reports

Overview

overview

Static

static

0b13fe0eba...d2.exe

windows7-x64

0b13fe0eba...d2.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

0b13fe0eba3ff45f50d2bd481bfd510351e8128194162a950dd61896bc1098d2.exe

Resource

win7-20220812-en

evasion persistence

windows7-x64

13 signatures

150 seconds

Behavioral task

behavioral2

Sample

0b13fe0eba3ff45f50d2bd481bfd510351e8128194162a950dd61896bc1098d2.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

0b13fe0eba3ff45f50d2bd481bfd510351e8128194162a950dd61896bc1098d2
Size

212KB
MD5

7381e8beae05310d6a716b6f7d06154b
SHA1

610d6d82204275ca8713e7b20e23de7241db8ad2
SHA256

0b13fe0eba3ff45f50d2bd481bfd510351e8128194162a950dd61896bc1098d2
SHA512

00ebcbe03e0242461817ca0e1f78e6c8b07c779aafa5ea69d0daf2582f7d6df89dba68ad2d012a8c92b9238df8c6394f6988625dfbc0db8f8e560ddcefc862e9
SSDEEP

6144:dtdpcmnD5rpSiH2Gw4/RI7Em8f5L3wgdD2SLYr15:d5rD5IiYqGeLvZEJ5

Score

N/A

Malware Config

Signatures

Files

0b13fe0eba3ff45f50d2bd481bfd510351e8128194162a950dd61896bc1098d2
.exe windows x86

c3d11a32a38f063431785329320e8fb2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentDirectoryA
GetTickCount
SetFileAttributesA
ReleaseMutex
FindAtomA
CreateFileA
HeapCreate
IsBadCodePtr
WaitForSingleObject
GetEnvironmentVariableA
CloseHandle
FindVolumeClose
InitializeCriticalSection
ResumeThread
GetModuleHandleA
GetStartupInfoW
DeleteFileA
ExitProcess
GetFileSize
ResetEvent
GetTickCount
HeapDestroy
SetEndOfFile
FindVolumeClose
HeapSize

wininet

DeleteUrlCacheEntryA
FtpGetCurrentDirectoryW
FtpFindFirstFileA
FindCloseUrlCache
DeleteUrlCacheEntryA
FtpOpenFileA
FtpGetFileW
FtpDeleteFileA
FtpPutFileA
FtpCreateDirectoryW
DeleteUrlCacheEntryA
HttpQueryInfoA
HttpEndRequestA

serwvdrv

DriverProc
DriverProc
DriverProc
DriverProc

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 206KB - Virtual size: 206KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy