9674ea12eeef31e898075ebd95cffe382a0936fb7433c0e50e91fbff31229c31 | Triage

Submit
Reports

Overview

overview

1

Static

static

9674ea12ee...31.exe

windows7-x64

1

9674ea12ee...31.exe

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

9674ea12eeef31e898075ebd95cffe382a0936fb7433c0e50e91fbff31229c31.exe

Resource

win7-20221111-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

9674ea12eeef31e898075ebd95cffe382a0936fb7433c0e50e91fbff31229c31.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

9674ea12eeef31e898075ebd95cffe382a0936fb7433c0e50e91fbff31229c31
Size

381KB
MD5

bde23785f7eb2114f0e1f4072ff48e29
SHA1

2cd23cd5b2a18ce1a6ca2a4c60982dc64aaca4d1
SHA256

9674ea12eeef31e898075ebd95cffe382a0936fb7433c0e50e91fbff31229c31
SHA512

c0b302ff76a9f1d787f00ee0d1b956a41e0e366028f47c0ed12cb33749edfeedcc0a56cea0458cd111dc30532ac6002462a760bf4c9fbfcedc378a9be28da320
SSDEEP

6144:Fe5oRMhiWjhtgYXL7TO6dHyF6EDWVUlMVcZOV6fGhmLjAR73t3ygCkv:AeRMnlbq6Vxh8MV9VOpO73tokv

Score

N/A

Malware Config

Signatures

Files

9674ea12eeef31e898075ebd95cffe382a0936fb7433c0e50e91fbff31229c31
.exe windows x86

3d5773d5137878574b78f2c455ee4ef5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteFile
GetModuleHandleW
ResetEvent
CreateMutexA
FindVolumeClose
GetExitCodeProcess
GetEnvironmentVariableW
ResumeThread
GlobalFree
LocalFree
GlobalSize
GetPrivateProfileIntW
VirtualAlloc
CloseHandle
InterlockedExchange
CreateEventA
GetStdHandle
GetACP
lstrlenA
GetCommandLineA

advapi32

RegDeleteValueA
IsValidSid
ControlService
IsTextUnicode
RegCreateKeyExW
CloseEventLog
ClearEventLogA
IsValidAcl
RegEnumKeyW
CreateServiceA
RegQueryValueW
RegDeleteKeyA
RegCloseKey

admparse

ResetAdmDirtyFlag
ResetAdmDirtyFlag
ResetAdmDirtyFlag
AdmClose
ResetAdmDirtyFlag

appwiz.cpl

ConfigStartMenu

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 416KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 372KB - Virtual size: 371KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy