95a6268a641cd3baf5c8d4123d62058f95d6ffa3da109ad077e6fb700566e4d0 | Triage

Submit
Reports

Overview

overview

8

Static

static

95a6268a64...d0.exe

windows7-x64

8

95a6268a64...d0.exe

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

95a6268a641cd3baf5c8d4123d62058f95d6ffa3da109ad077e6fb700566e4d0.exe

Resource

win7-20221111-en

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

95a6268a641cd3baf5c8d4123d62058f95d6ffa3da109ad077e6fb700566e4d0.exe

Resource

win10v2004-20221111-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

95a6268a641cd3baf5c8d4123d62058f95d6ffa3da109ad077e6fb700566e4d0
Size

297KB
MD5

c31da53b298482f588ad3d0b3340afa6
SHA1

c79a9e992d300b5675fb5a699cdb4f2861416ebf
SHA256

95a6268a641cd3baf5c8d4123d62058f95d6ffa3da109ad077e6fb700566e4d0
SHA512

0b770dcff4f200f9d0da2e099225de7d7b25eb902d99913134946b6992f2aee1238b2f4a1f135365ea63a123899b085cc0b01dc75a2695e3e17f1e5e468f207e
SSDEEP

6144:nP7tZ0ok5453YSvNGhHW+tGOvlIZmAt61YcLMVI3ILHYIdwwjQvJ:nXk2+cMhHWeZqZmTKI3IzYINQvJ

Score

N/A

Malware Config

Signatures

Files

95a6268a641cd3baf5c8d4123d62058f95d6ffa3da109ad077e6fb700566e4d0
.exe windows x86

37f1643ea0e68c1ed733ae9c17f7f697

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TlsGetValue
CloseHandle
GetComputerNameA
GetModuleHandleA
SetEvent
GetSystemTime
CreateFileA
GetCommandLineW
SetLastError
FindAtomA
ResetEvent
GetExitCodeProcess
CreateThread
GetDiskFreeSpaceW
GetTickCount
SuspendThread
GetFileAttributesA
HeapCreate
LocalFree
LoadLibraryW

advapi32

RegQueryValueA
RegDeleteKeyA
RegEnumValueA
IsTokenRestricted
RegCreateKeyExA
CloseEventLog
RegCloseKey
GetFileSecurityA
CreateServiceW
RegEnumKeyExA
CredFree
GetLengthSid
GetUserNameW

cryptui

CryptUIDlgSelectCA
LocalEnroll
WizardFree
CryptUIDlgCertMgr
CryptUIDlgSelectStoreA

powercfg.cpl

CPlApplet

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1KB - Virtual size: 356KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 286KB - Virtual size: 286KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy