b1d2b95b6fb5c132e5fe473b1afcb6053a2475bb90b674559fcf10f15adf48e9 | Triage

Submit
Reports

Overview

overview

8

Static

static

b1d2b95b6f...e9.exe

windows7-x64

8

b1d2b95b6f...e9.exe

windows10-2004-x64

1

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

b1d2b95b6fb5c132e5fe473b1afcb6053a2475bb90b674559fcf10f15adf48e9.exe

Resource

win7-20220812-en

discovery persistence upx

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral2

Sample

b1d2b95b6fb5c132e5fe473b1afcb6053a2475bb90b674559fcf10f15adf48e9.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

b1d2b95b6fb5c132e5fe473b1afcb6053a2475bb90b674559fcf10f15adf48e9
Size

768KB
MD5

4198776066342715fc415ba91c925259
SHA1

2df6b10f9cd0196925488d06b46da731cfbf1ea1
SHA256

b1d2b95b6fb5c132e5fe473b1afcb6053a2475bb90b674559fcf10f15adf48e9
SHA512

10122efef3849a1b0d265b2b749834642a50eec52ae9492c2a95a8d0ffb4fe41520e1a3e80e56c0863b2855b838eab9f9aea45c64b12dd6a542d7a5291b0e872
SSDEEP

12288:GdJlA3hcNTfGK022EgV22V9gssG/wopJBFBRPsPaXJ7LYWs2s32SYu:hRclM2cVKU5pJBF6aZ7LHs2s3

Score

N/A

Malware Config

Signatures

Files

b1d2b95b6fb5c132e5fe473b1afcb6053a2475bb90b674559fcf10f15adf48e9
.exe windows x86

227881e5b4cb9a150c8bc5b3cfb3abf7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapDestroy
SetLastError
ReleaseMutex
GetVersion
GetStartupInfoA
HeapSize
FatalExit
CreateDirectoryW
ReleaseSemaphore
RemoveDirectoryW
RemoveDirectoryW
ReleaseSemaphore
GetCommandLineW
OpenEventW
GetStdHandle
LoadLibraryA
CreateMutexA
DeleteFileA
CreateFileMappingW
VirtualProtect
CreateFileA
SetLastError
MapViewOfFile
lstrlenA
GetFileSize

cryptui

CryptUIWizDigitalSign
WizardFree
CryptUIWizExport
DllRegisterServer
LocalEnrollNoDS
CryptUIDlgViewContext
WizardFree
LocalEnroll
CryptUIWizImport
CryptUIStartCertMgr
DllUnregisterServer
CryptUIDlgFreeCAContext
CryptUIWizBuildCTL

iernonce

RunOnceExProcess
InitCallback
RunOnceExProcess
InitCallback

Sections

.text
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 760KB - Virtual size: 760KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy