678cdbdb697ec9781db77a575b0f4bf11d654d350b3dbfad942d859487d4496c | Triage

Submit
Reports

Overview

overview

8

Static

static

678cdbdb69...6c.exe

windows7-x64

8

678cdbdb69...6c.exe

windows10-2004-x64

8

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

678cdbdb697ec9781db77a575b0f4bf11d654d350b3dbfad942d859487d4496c.exe

Resource

win7-20220812-en

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

678cdbdb697ec9781db77a575b0f4bf11d654d350b3dbfad942d859487d4496c.exe

Resource

win10v2004-20221111-en

windows10-2004-x64

5 signatures

150 seconds

General

Target

678cdbdb697ec9781db77a575b0f4bf11d654d350b3dbfad942d859487d4496c
Size

297KB
MD5

74c0ee31e6f303df0438bb789396fb01
SHA1

c2d100f151f61a8e7bbbac6b74dd18afb245bad9
SHA256

678cdbdb697ec9781db77a575b0f4bf11d654d350b3dbfad942d859487d4496c
SHA512

1634defe3c28319bc4582af047d0dbb419b0c552ffcaf0958d6e0240f28491eb6207374a03e92c1db3e0c595e077952546ae1325495e2719822025498216a29a
SSDEEP

6144:4UaeH4vkpk+PUjhe5rOOTsU3w4KgfRHmJZwdCqU/LB67zlcA:keH40cjhelOQsU3wRg5HmJEXMLB699

Score

N/A

Malware Config

Signatures

Files

678cdbdb697ec9781db77a575b0f4bf11d654d350b3dbfad942d859487d4496c
.exe windows x86

5e14d38f8e637fe1f7e96411fe308274

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetStringTypeW
Heap32First
InterlockedIncrement
LoadLibraryA
GetLastError
ReadConsoleA
SetEnvironmentVariableA
FindResourceW
ReadFileEx
CloseHandle
GetDiskFreeSpaceW
GetCurrentDirectoryA
lstrcpyW
WaitForSingleObject
InterlockedDecrement
HeapCreate
ExitProcess
GetPrivateProfileIntA
lstrcmpA
GetDiskFreeSpaceW
GetExitCodeProcess

adsldpc

ADsCloseSearchHandle
ADsDeleteClassDefinition
ADsExecuteSearch
ADsEnumAttributes

clbcatq

SetupOpen
CheckMemoryGates
DllGetClassObject
SetSetupSave
SetSetupSave
SetupOpen
ComPlusMigrate
DllGetClassObject
ComPlusMigrate
CheckMemoryGates
ComPlusMigrate
CheckMemoryGates
SetupOpen

version

VerFindFileA

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 292KB - Virtual size: 291KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy