a78875e99d0ce80a7dbd7f235d90581c4575d12e6f5ec4bfe951bcdbc1e38bb2 | Triage

Submit
Reports

Overview

overview

Static

static

a78875e99d...b2.exe

windows7-x64

a78875e99d...b2.exe

windows10-2004-x64

1

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

a78875e99d0ce80a7dbd7f235d90581c4575d12e6f5ec4bfe951bcdbc1e38bb2.exe

Resource

win7-20221111-en

evasion persistence

windows7-x64

14 signatures

150 seconds

Behavioral task

behavioral2

Sample

a78875e99d0ce80a7dbd7f235d90581c4575d12e6f5ec4bfe951bcdbc1e38bb2.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

a78875e99d0ce80a7dbd7f235d90581c4575d12e6f5ec4bfe951bcdbc1e38bb2
Size

214KB
MD5

6cd7ab257b42ed5266965285dccc6e56
SHA1

25f68bbfb3400aebfa2ea017960ca2c3ac1e9bb4
SHA256

a78875e99d0ce80a7dbd7f235d90581c4575d12e6f5ec4bfe951bcdbc1e38bb2
SHA512

90423e8f83a6927024e8edbeb04006cecc3d883749213845365bcd0bdaad79fafad8372cd99617c836efbf3486b770f330d4dfd547ec2f78e26c232fa1912685
SSDEEP

6144:P3c99MeInpZdSdwE3VQuXS8k/PucdiZ9Xi:/8MeIp6d93+2HoiDi

Score

N/A

Malware Config

Signatures

Files

a78875e99d0ce80a7dbd7f235d90581c4575d12e6f5ec4bfe951bcdbc1e38bb2
.exe windows x86

30d0867081b1d6b8751af21a175b48d4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindAtomW
GetFileType
SetLastError
ReadFile
GetFileTime
GetModuleHandleA
SuspendThread
GetCommandLineW
VirtualAlloc
CloseHandle
SetLastError
WaitForSingleObject
RemoveDirectoryA
GetFileAttributesA
HeapSize
IsBadReadPtr
EnterCriticalSection
GetVersion
SetFileAttributesW
ExitProcess
GetEnvironmentVariableW
CreateFileA
GetCurrentDirectoryW
Sleep
DeleteFileW

cryptui

CryptUIWizBuildCTL
CryptUIWizExport
DllUnregisterServer
CryptUIDlgFreeCAContext
CryptUIDlgFreeCAContext
CryptUIWizDigitalSign
CryptUIWizImport
CryptUIDlgSelectStoreA
CryptUIDlgViewContext
DllRegisterServer
CryptUIDlgFreeCAContext
LocalEnroll
LocalEnrollNoDS

cmpbk32

PhoneBookFreeFilter
PhoneBookFreeFilter
PhoneBookFreeFilter
PhoneBookFreeFilter

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 206KB - Virtual size: 206KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy