3b39a0c3a47cfd900f64d12c02206d0daf7158cfa829e2de4a538dc82c45b9d3 | Triage

Submit
Reports

Overview

overview

1

Static

static

3b39a0c3a4...d3.exe

windows7-x64

1

3b39a0c3a4...d3.exe

windows10-2004-x64

1

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

3b39a0c3a47cfd900f64d12c02206d0daf7158cfa829e2de4a538dc82c45b9d3.exe

Resource

win7-20220812-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

3b39a0c3a47cfd900f64d12c02206d0daf7158cfa829e2de4a538dc82c45b9d3.exe

Resource

win10v2004-20221111-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

3b39a0c3a47cfd900f64d12c02206d0daf7158cfa829e2de4a538dc82c45b9d3
Size

380KB
MD5

1acf0eaaf4df6b4cce7c2c93825d0f80
SHA1

cf45c2fdb95683c9466521e43c3ec8a1db4a2d71
SHA256

3b39a0c3a47cfd900f64d12c02206d0daf7158cfa829e2de4a538dc82c45b9d3
SHA512

a3b1e644bde5c2b0fa13fe85ec462c7c4c5e43cbce44f63c354b2eb87d2ac8ee060c45c16702c3948f52bd77d319fd1142d4b629a921d13af925d69506149017
SSDEEP

6144:xvOL18+URMliWjhtgYXL7TO6dHyF6EDWVUlMVcZOV6fGhmLjAR73t3ygCkv:xvOZ8+URMDlbq6Vxh8MV9VOpO73tokv

Score

N/A

Malware Config

Signatures

Files

3b39a0c3a47cfd900f64d12c02206d0daf7158cfa829e2de4a538dc82c45b9d3
.exe windows x86

6fa6c899835ebfd0e28c99a51fd2d5c2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InterlockedExchange
GetCommandLineA
GetModuleHandleW
FindVolumeClose
GetACP
ResumeThread
LocalFree
ResetEvent
lstrlenA
CreateMutexA
GlobalFree
WriteFile
GetPrivateProfileIntW
VirtualAlloc
CreateEventA
CloseHandle
GetStdHandle
GetExitCodeProcess
GetEnvironmentVariableW
GlobalSize

advapi32

RegEnumKeyW
ControlService
IsValidAcl
RegQueryValueW
RegDeleteValueA
IsTextUnicode
RegDeleteKeyA
RegCreateKeyExW
CloseEventLog
IsValidSid
ClearEventLogA
RegCloseKey
CreateServiceA

admparse

ResetAdmDirtyFlag
AdmClose
ResetAdmDirtyFlag
ResetAdmDirtyFlag
ResetAdmDirtyFlag

appwiz.cpl

ConfigStartMenu

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 416KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 370KB - Virtual size: 370KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy