dde99d1fcbc3514cbac36b32e63546a04602c3af1841dd977a765fa055b5f783 | Triage

Submit
Reports

Overview

overview

Static

static

dde99d1fcb...83.exe

windows7-x64

dde99d1fcb...83.exe

windows10-2004-x64

3

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

dde99d1fcbc3514cbac36b32e63546a04602c3af1841dd977a765fa055b5f783.exe

Resource

win7-20220812-en

evasion persistence

windows7-x64

13 signatures

150 seconds

Behavioral task

behavioral2

Sample

dde99d1fcbc3514cbac36b32e63546a04602c3af1841dd977a765fa055b5f783.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

dde99d1fcbc3514cbac36b32e63546a04602c3af1841dd977a765fa055b5f783
Size

197KB
MD5

420b44a71fe8d51164cb30d3da3add76
SHA1

35161a1224d78b7060e1691622b7f451fe217275
SHA256

dde99d1fcbc3514cbac36b32e63546a04602c3af1841dd977a765fa055b5f783
SHA512

e5abb326eb2782776054b7850a6f32ec6a64aed216dfcbd47d984f8e8bda2d938c687f62f0cec2e87c4a3c1cb1771e09ded8966e5d01b0f56f5440b036990442
SSDEEP

6144:3UhODiJ4hfV4uRxnwei8ej0EJfhs+5kKFVBfKKnsH:Jx4uR9JejNt+4VB1U

Score

N/A

Malware Config

Signatures

Files

dde99d1fcbc3514cbac36b32e63546a04602c3af1841dd977a765fa055b5f783
.exe windows x86

f346cb9afb510187319fe9b86684ef6c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileSize
ReleaseMutex
GetCurrentDirectoryA
FindAtomW
DeleteAtom
GetEnvironmentVariableA
SetEndOfFile
CloseHandle
ExitProcess
VirtualAlloc
GetStdHandle
IsBadReadPtr
EnterCriticalSection
GetVersion
FindVolumeClose
GetCommandLineA
SetFileAttributesA
DeleteFileA
HeapSize
ResumeThread
FindVolumeClose
GetModuleHandleA
GetExitCodeThread
WaitForSingleObject
CreateFileA

shell32

DragFinish
ExtractIconA
DllUnregisterServer
ShellAboutA
SHGetDiskFreeSpaceA
DuplicateIcon
StrChrA
ShellMessageBoxA
DragAcceptFiles
SHGetMalloc
SHGetSettings
SHFree
DragQueryFileA

snmpapi

SnmpTfxClose
SnmpTfxClose
SnmpTfxClose
SnmpTfxClose

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 190KB - Virtual size: 190KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy