02eefb40d6f934e168f4d4e5fc055c45fd63d49f193b2f1e30433b83a0236f71 | Triage

Submit
Reports

Overview

overview

8

Static

static

02eefb40d6...71.exe

windows7-x64

8

02eefb40d6...71.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

02eefb40d6f934e168f4d4e5fc055c45fd63d49f193b2f1e30433b83a0236f71.exe

Resource

win7-20221111-en

discovery persistence upx

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral2

Sample

02eefb40d6f934e168f4d4e5fc055c45fd63d49f193b2f1e30433b83a0236f71.exe

Resource

win10v2004-20221111-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

02eefb40d6f934e168f4d4e5fc055c45fd63d49f193b2f1e30433b83a0236f71
Size

773KB
MD5

ee01a67af16743b8459ea5d81f00053b
SHA1

d9f08211285e82f735323b38a0443a4a5b2b5d37
SHA256

02eefb40d6f934e168f4d4e5fc055c45fd63d49f193b2f1e30433b83a0236f71
SHA512

4dd18de7be3076acb8b72580d204410d1cb806f1b54323c8ef66a699fba6f8ca756d356543a56e54d4b5c531dad0f754f16c6531785dde05a639d8c17b0992b6
SSDEEP

12288:xjrOlKbMn51Rq5Axkni/pcc9IMlfqQeOC2fDoFN/EjVJlxh5dEF+vyEWXuo4v:xjwP1R+kiisQw2fDw/6dytD4

Score

N/A

Malware Config

Signatures

Files

02eefb40d6f934e168f4d4e5fc055c45fd63d49f193b2f1e30433b83a0236f71
.exe windows x86

c152e8a2c6b6ccccb141deaf4563698c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetEvent
Sleep
CloseHandle
GetStartupInfoA
GetCommandLineA
CloseHandle
FindResourceA
ReleaseMutex
HeapDestroy
ResumeThread
OpenMutexW
CreateEventA
DeleteFileA
HeapCreate
GetModuleHandleA
VirtualQueryEx
GetModuleFileNameW
GetTickCount
GetTimeFormatA
lstrlenW

advapi32

IsValidSid
CreateServiceW
ControlService
RegQueryValueW
RegCreateKeyExW
CreateProcessAsUserA
RegEnumKeyA
IsTextUnicode
RegDeleteValueA
ClearEventLogW
InitializeSid
IsValidSecurityDescriptor
IsValidAcl

ntlanman

NPOpenEnum
NPOpenEnum
NPOpenEnum
NPOpenEnum

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 763KB - Virtual size: 763KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy