9c0e69defa3e84f2d3b5ab08cc81710c9de46c8a1454e7c1b56c53ad4f321956 | Triage

Submit
Reports

Overview

overview

1

Static

static

9c0e69defa...56.exe

windows7-x64

9c0e69defa...56.exe

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

9c0e69defa3e84f2d3b5ab08cc81710c9de46c8a1454e7c1b56c53ad4f321956.exe

Resource

win7-20221111-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

9c0e69defa3e84f2d3b5ab08cc81710c9de46c8a1454e7c1b56c53ad4f321956.exe

Resource

win10v2004-20221111-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

9c0e69defa3e84f2d3b5ab08cc81710c9de46c8a1454e7c1b56c53ad4f321956
Size

272KB
MD5

074d552a5b3e0864cd384b1b99fade93
SHA1

c3180f637de141b2c00a36fd09f23f972cb7a084
SHA256

9c0e69defa3e84f2d3b5ab08cc81710c9de46c8a1454e7c1b56c53ad4f321956
SHA512

240de9693d128e39e909e7bce26b744cdf44bb288cea500ff6ec4141eeca1a1f970644a7febddb599a7d182d2e0780d24e9fdc2b8de7f5e3442225289b017c13
SSDEEP

1536:pRAWDRl63Merov+ZDrPFGtFINVgmD5Y6a5EHNcFRfBic9kQbERY/ZW:tD23MerGOggY6cEHNcFV4M

Score

N/A

Malware Config

Signatures

Files

9c0e69defa3e84f2d3b5ab08cc81710c9de46c8a1454e7c1b56c53ad4f321956
.exe windows x86

3b4de68ab1a4b8068ddc5f80ddbbf940

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntdll

ZwSetInformationObject
swprintf
ZwClose
ZwOpenFile
RtlImageNtHeader
RtlStringFromGUID
RtlDosPathNameToNtPathName_U
LdrFindEntryForAddress
ZwQueryInformationProcess
RtlRandom
ZwAllocateLocallyUniqueId
RtlFreeUnicodeString
wcscpy
ZwQueryValueKey
ZwOpenKey
wcslen
RtlInitUnicodeString
RtlPrefixUnicodeString
RtlGetCurrentPeb
wcscat
memcpy
memset

kernel32

LocalAlloc
ExitProcess
CreateProcessW
GetModuleHandleW
GetTickCount
GetSystemTimeAsFileTime
LocalFree

advapi32

MD5Update
MD5Final
MD5Init

cabinet

ord20
ord22
ord23

Sections

.text
Size: 88KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 36B - Virtual size: 36B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 486B - Virtual size: 486B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy