c0eaafeff843e3b5c092628327f096755be2198325681bb2e9e37a7ac8b0b5f1 | Triage

Submit
Reports

Overview

overview

9

Static

static

c0eaafeff8...f1.exe

windows7-x64

9

c0eaafeff8...f1.exe

windows10-2004-x64

9

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

c0eaafeff843e3b5c092628327f096755be2198325681bb2e9e37a7ac8b0b5f1.exe

Resource

win7-20221111-en

evasion ransomware

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

c0eaafeff843e3b5c092628327f096755be2198325681bb2e9e37a7ac8b0b5f1.exe

Resource

win10v2004-20221111-en

evasion ransomware

windows10-2004-x64

10 signatures

150 seconds

General

Target

c0eaafeff843e3b5c092628327f096755be2198325681bb2e9e37a7ac8b0b5f1
Size

336KB
MD5

689438fb583579c54751331fe68c62fe
SHA1

fb24dc168444c0c61e3562122d05fbf73c10f9d6
SHA256

c0eaafeff843e3b5c092628327f096755be2198325681bb2e9e37a7ac8b0b5f1
SHA512

add08e44aeacef548a814e8c4c94bb4ec4c10440a4d9fe2e1a4542e802f3ca6eb9a06eecf63870e0cda04ee9096601644a5d325778a4c17284c4228e45420b6e
SSDEEP

6144:QbwyzC/C9qgskW110cCo1ODmaxWOMkOaFTM/fr2RKOw/:QblzCNnXNJ1gmmMkvq3r2Re/

Score

N/A

Malware Config

Signatures

Files

c0eaafeff843e3b5c092628327f096755be2198325681bb2e9e37a7ac8b0b5f1
.exe windows x86

aed2385c8cce4b70393b50727909db6e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SetWindowTextA
IsCharAlphaA
GetDesktopWindow
EnumChildWindows
SetWindowTextW
DialogBoxParamA
GetActiveWindow
SetDlgItemTextW

ole32

CoRevokeClassObject

comctl32

InitCommonControlsEx

advapi32

RegOpenKeyExA
RegCloseKey
RegQueryValueExA

kernel32

HeapCreate
DeleteCriticalSection
GetDateFormatA
HeapFree
LoadResource
FindResourceA
HeapDestroy
InitializeCriticalSection
ExitProcess
GetTickCount
FreeLibrary
GetProcAddress
LoadLibraryA
LocalFree
LocalAlloc
ResumeThread
IsBadStringPtrA

Sections

.text
Size: 324KB - Virtual size: 323KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy