d00bd41bf509ce38477612f5cbfd667dc506cbba2162f71e8ccb84611dbdad0b | Triage

Submit
Reports

Overview

overview

1

Static

static

d00bd41bf5...0b.exe

windows7-x64

d00bd41bf5...0b.exe

windows10-2004-x64

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

d00bd41bf509ce38477612f5cbfd667dc506cbba2162f71e8ccb84611dbdad0b.exe

Resource

win7-20221111-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

d00bd41bf509ce38477612f5cbfd667dc506cbba2162f71e8ccb84611dbdad0b.exe

Resource

win10v2004-20221111-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

d00bd41bf509ce38477612f5cbfd667dc506cbba2162f71e8ccb84611dbdad0b
Size

427KB
MD5

c97d5cda64135af3ce4dbfbaa3cd7b50
SHA1

6d90b45338475a534ec366fa724bae210de9af64
SHA256

d00bd41bf509ce38477612f5cbfd667dc506cbba2162f71e8ccb84611dbdad0b
SHA512

8710724f8f863e552c5519381b92fe50d9866d61165bd908c7596830e6b4a8abaa51a5cabaafb550e16cca9dca282c8a26f09ec5f9f76e63be3382768e83b34c
SSDEEP

6144:eh+tyXKA6P196JHZLLDoqPeGn7tJBMOuwgz0wW07MpezITXcntdxa8Wg2rU:eYLA6r61doqPFuwJ0WXctXa80rU

Score

N/A

Malware Config

Signatures

Files

d00bd41bf509ce38477612f5cbfd667dc506cbba2162f71e8ccb84611dbdad0b
.exe windows x86

f09f9442c88b58ed5f485b26fd01a1f1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LocalSize
HeapCreate
WaitForMultipleObjects
GetDriveTypeA
GetFileAttributesA
GetCommandLineA
ExitThread
CloseHandle
GetModuleHandleA
WriteFile
SetFileAttributesW
CancelIo
IsBadReadPtr
GetCommandLineW
lstrlenA
GetFileTime
GetCurrentDirectoryW
HeapFree
FindClose
FindVolumeClose
EnterCriticalSection
MapViewOfFile
FindVolumeClose
GetModuleFileNameA
GetFileType

uxtheme

SetWindowTheme
OpenThemeData
CloseThemeData
GetThemeTextExtent
IsThemeActive
GetThemeTextMetrics
DrawThemeBackground
GetWindowTheme
GetThemeColor
GetThemeBool
DrawThemeEdge
CloseThemeData
GetThemeEnumValue

dmocx

DllCanUnloadNow
DllCanUnloadNow
DllCanUnloadNow
DllCanUnloadNow

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 604KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 444KB - Virtual size: 443KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2024

Terms | Privacy