97c98bf7d02d7ffd10bb0fe593458a6cac5bf983cf6954880439622c4f54e077 | Triage

Submit
Reports

Overview

overview

1

Static

static

97c98bf7d0...77.exe

windows7-x64

1

97c98bf7d0...77.exe

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

97c98bf7d02d7ffd10bb0fe593458a6cac5bf983cf6954880439622c4f54e077.exe

Resource

win7-20220812-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

97c98bf7d02d7ffd10bb0fe593458a6cac5bf983cf6954880439622c4f54e077.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

97c98bf7d02d7ffd10bb0fe593458a6cac5bf983cf6954880439622c4f54e077
Size

820KB
MD5

3d22fa3c5d751d101840127f849cb3dc
SHA1

94a7d5e71b3bc9a56e48647091951fb807efd5d1
SHA256

97c98bf7d02d7ffd10bb0fe593458a6cac5bf983cf6954880439622c4f54e077
SHA512

32140225d1e4ff992e73eec595716dbf1ae3e3655405fde4556130c05af83c24fe768690d3366e016c58f9f65bf68a99de6459329fb17bbffe6b121d1a6202fe
SSDEEP

12288:nKRRMBk74etnsZKhWzd6A6EjZlE0SHmuvRboXdWbabs0yF+AYi57y/QjWm/:KRRMBs41MQAGrWHnboXQ+HyHRMm

Score

N/A

Malware Config

Signatures

Files

97c98bf7d02d7ffd10bb0fe593458a6cac5bf983cf6954880439622c4f54e077
.exe windows x86

b1c47dc7231b90d6ac19d76343e70cc8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ResetEvent
VirtualAlloc
GetEnvironmentVariableW
GlobalFree
GetModuleHandleW
GetStdHandle
InterlockedExchange
WriteFile
CreateEventA
GlobalSize
CreateMutexA
CloseHandle
lstrlenA
GetACP
GetCommandLineA
ResumeThread
GetExitCodeProcess
LocalFree
FindVolumeClose
GetPrivateProfileIntW

advapi32

RegDeleteKeyA
IsValidSid
RegDeleteValueA
IsValidAcl
RegEnumKeyW
RegQueryValueW
ClearEventLogA
CreateServiceA
IsTextUnicode
RegCreateKeyExW
ControlService
CloseEventLog
RegCloseKey

admparse

ResetAdmDirtyFlag
ResetAdmDirtyFlag
ResetAdmDirtyFlag
AdmClose
ResetAdmDirtyFlag

appwiz.cpl

ConfigStartMenu

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 810KB - Virtual size: 810KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy