be69e99261cd76162ff94933c961471459f2e43eceab878b83336246dbfadd14 | Triage

Submit
Reports

Overview

overview

1

Static

static

be69e99261...14.exe

windows7-x64

1

be69e99261...14.exe

windows10-2004-x64

1

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

be69e99261cd76162ff94933c961471459f2e43eceab878b83336246dbfadd14.exe

Resource

win7-20220812-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

be69e99261cd76162ff94933c961471459f2e43eceab878b83336246dbfadd14.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

be69e99261cd76162ff94933c961471459f2e43eceab878b83336246dbfadd14
Size

248KB
MD5

be286c9f2d1246cb47ea27cfe35d896f
SHA1

39d759e2626ea62751edaeeb96c678a12af06e3f
SHA256

be69e99261cd76162ff94933c961471459f2e43eceab878b83336246dbfadd14
SHA512

23a464e849a7542f22ca9d051d89d751d5b94a12de940fa91ba1f20ce2f26d1a3664bc36047f5f10af3eab55b461ce7452abcf0c07e638476b93d0250de2eef2
SSDEEP

6144:Nqdj2s/PXhtyN8/9Gnab3VfNMCCrUEDg7c:NqdKIPXqycablFMCZEDgY

Score

N/A

Malware Config

Signatures

Files

be69e99261cd76162ff94933c961471459f2e43eceab878b83336246dbfadd14
.exe windows x86

c176b7a6d57fd69641ccc11bdc202014

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoTaskMemFree
CoUninitialize
CoRevokeClassObject
CoInitialize
CoTaskMemAlloc

sisbkup

SisRestoredCommonStoreFile
SisFreeAllocatedMemory
SisCSFilesToBackupForLink
SisRestoredLink

msvcrt

exit
_acmdln
_XcptFilter
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
__dllonexit
_onexit
_exit
_ftol
_ltoa
__getmainargs

kernel32

LocalFree
LoadLibraryA
GetLastError
RaiseException
InterlockedExchange
LocalAlloc
FreeLibrary
GetProcAddress
GetSystemInfo
GetStartupInfoA
VirtualProtect
WritePrivateProfileStringA
GetModuleHandleA

Exports

Exports

Redshape
easeHow
evendraw
snowwe

Sections

.text
Size: 116KB - Virtual size: 114KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 72KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 52KB - Virtual size: 420KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy