b1d6e3bc2348b5e171e4c2a4b665c69bf32ce96f4ba772f1a84a88afb1ea3890 | Triage

Submit
Reports

Overview

overview

1

Static

static

b1d6e3bc23...90.exe

windows7-x64

b1d6e3bc23...90.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

b1d6e3bc2348b5e171e4c2a4b665c69bf32ce96f4ba772f1a84a88afb1ea3890.exe

Resource

win7-20221111-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

b1d6e3bc2348b5e171e4c2a4b665c69bf32ce96f4ba772f1a84a88afb1ea3890.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

b1d6e3bc2348b5e171e4c2a4b665c69bf32ce96f4ba772f1a84a88afb1ea3890
Size

155KB
MD5

5ea33783669ef5e355a09c428436897d
SHA1

7a545b52cb859baed4318a07ebcbb55503e197ee
SHA256

b1d6e3bc2348b5e171e4c2a4b665c69bf32ce96f4ba772f1a84a88afb1ea3890
SHA512

8e5b5e61689fa8a5e9ad3c1cde0b37266a46f4ec9baa21c6e2b93bd2ead05c72aedfad380b0496d94d58be5f41d363437292354775ae023b69611c4776b0c51e
SSDEEP

3072:MR/8rqUUfxIdq1n2UuVr2zJxJDwHTkjRzJFkPnHcCzbKtZx:MB85UfxIcpvwHAjRlFkPnHc2utZx

Score

N/A

Malware Config

Signatures

Files

b1d6e3bc2348b5e171e4c2a4b665c69bf32ce96f4ba772f1a84a88afb1ea3890
.exe windows x86

eb5182d3bdb01e76bf6fed9ecaf6c6e5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoCreateGuid
StringFromCLSID
CoTaskMemAlloc
CLSIDFromString
OleUninitialize
OleInitialize
CreateStreamOnHGlobal
CoCreateInstance
CoInitializeSecurity
CoSetProxyBlanket
CoInitializeEx
CoUninitialize
CoTaskMemFree
CoGetClassObject

rpcrt4

RpcStringBindingComposeW
RpcStringFreeW
RpcSmDestroyClientContext
RpcBindingFromStringBindingW

shell32

SHGetFolderPathW
DragQueryFileW
DragFinish
CommandLineToArgvW
SHFileOperationW

comdlg32

GetFileTitleA

kernel32

GetLogicalDriveStringsA
GetSystemTimeAsFileTime
GetProcessHeap
CreateConsoleScreenBuffer
GetModuleHandleW
CreateProcessA
GetTempFileNameA
HeapFree
HeapAlloc
LoadLibraryW
InterlockedExchange
Sleep
InterlockedCompareExchange
GetStartupInfoA
TerminateProcess
GetCurrentProcess

oleaut32

LHashValOfNameSys
GetRecordInfoFromTypeInfo
VarUI4FromDec
SysFreeString

Sections

.text
Size: 101KB - Virtual size: 116KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 54KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 316B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy