9ed5bbd5f640db11ac053409f641259cddde49abc42acecc32c7b621b4e26abb | Triage

Submit
Reports

Overview

overview

1

Static

static

9ed5bbd5f6...bb.exe

windows7-x64

1

9ed5bbd5f6...bb.exe

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

9ed5bbd5f640db11ac053409f641259cddde49abc42acecc32c7b621b4e26abb.exe

Resource

win7-20220812-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

9ed5bbd5f640db11ac053409f641259cddde49abc42acecc32c7b621b4e26abb.exe

Resource

win10v2004-20220901-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

9ed5bbd5f640db11ac053409f641259cddde49abc42acecc32c7b621b4e26abb
Size

820KB
MD5

6fd248076a44cc03cb250ea9c987fb97
SHA1

eb90124622d8cc2fe9f499f091d5f7e4ca003df9
SHA256

9ed5bbd5f640db11ac053409f641259cddde49abc42acecc32c7b621b4e26abb
SHA512

dc2a66b908aa91948b331a30ae282bd6f3b24d99c1df171df0b06355d6643de9c3daf1361c197326100b3efaa629240ae5c1a23cd0503572373b6fdd4f7ab448
SSDEEP

24576:7/RMmmr8HI+l7eRdOUI4YZHkldhZlnVcKH/nK:7/RMHrojSMUI4QklznVcK

Score

N/A

Malware Config

Signatures

Files

9ed5bbd5f640db11ac053409f641259cddde49abc42acecc32c7b621b4e26abb
.exe windows x86

5544f4b839b619727549205145a1d87d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindVolumeClose
GetACP
GetModuleHandleW
CreateEventA
WriteFile
VirtualAlloc
lstrlenA
GlobalFree
ResetEvent
GetPrivateProfileIntW
GetCommandLineA
CreateMutexA
ResumeThread
GetExitCodeProcess
GlobalSize
LocalFree
GetEnvironmentVariableW
InterlockedExchange
CloseHandle
GetStdHandle

advapi32

ControlService
IsValidSid
CreateServiceA
IsTextUnicode
RegDeleteValueA
RegDeleteKeyA
RegQueryValueW
ClearEventLogA
RegCreateKeyExW
CloseEventLog
RegCloseKey
IsValidAcl
RegEnumKeyW

admparse

ResetAdmDirtyFlag
ResetAdmDirtyFlag
ResetAdmDirtyFlag
ResetAdmDirtyFlag
AdmClose

appwiz.cpl

ConfigStartMenu

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 810KB - Virtual size: 810KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy