b8e598fac0bbd28bbd49ebe37a43889e1428e94db6c910a5a53e1bc3e3716504 | Triage

Submit
Reports

Overview

overview

8

Static

static

b8e598fac0...04.exe

windows7-x64

8

b8e598fac0...04.exe

windows10-2004-x64

8

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

b8e598fac0bbd28bbd49ebe37a43889e1428e94db6c910a5a53e1bc3e3716504.exe

Resource

win7-20220812-en

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

b8e598fac0bbd28bbd49ebe37a43889e1428e94db6c910a5a53e1bc3e3716504.exe

Resource

win10v2004-20221111-en

windows10-2004-x64

8 signatures

150 seconds

General

Target

b8e598fac0bbd28bbd49ebe37a43889e1428e94db6c910a5a53e1bc3e3716504
Size

197KB
MD5

544405553672f0c62488a34437e0010e
SHA1

aa74331a6c7ea48106efeaab131717de78270a13
SHA256

b8e598fac0bbd28bbd49ebe37a43889e1428e94db6c910a5a53e1bc3e3716504
SHA512

6111f95f9a779dd503a216db21343d4ae269b3b18200469711d244440870e5297fce71cab42074a35bd0b645fe4e75693d819473178046dedbb89b839a35a698
SSDEEP

6144:xnTqhnKZ+gyxOErDR06XVRx2M5bnty0CP5:xGhnKch11nFRnw0q5

Score

N/A

Malware Config

Signatures

Files

b8e598fac0bbd28bbd49ebe37a43889e1428e94db6c910a5a53e1bc3e3716504
.exe windows x86

e9d08bf5741782b10ec0ff0b6cac05e8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathIsDirectoryEmptyW

advapi32

LookupAccountNameW
CryptDecrypt
CryptHashData
CryptDestroyKey
OpenSCManagerW

gdi32

GetNearestPaletteIndex
CreateSolidBrush
Ellipse
CreateDIBSection
SetViewportOrgEx
SetWindowOrgEx
RemoveFontResourceW
DeleteObject

user32

GetDlgCtrlID
TileWindows
InvalidateRect
SetTimer
CharUpperW
EndPaint
DispatchMessageA
MapWindowPoints
GetForegroundWindow
CharPrevA
ShowScrollBar
SetScrollPos
IsCharLowerA
GetDCEx
AdjustWindowRect
RemovePropW
CharToOemBuffA

kernel32

FoldStringW
WaitForSingleObject
lstrcatW
GetDateFormatA
SetTimerQueueTimer
lstrcpynW
GlobalLock

Exports

Exports

EnumTextA@16
AddFileA@4
FreePointA@12
RemoveDeviceNew@12
ModifyVersionNew@16

Sections

.text
Size: 192KB - Virtual size: 191KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 532B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy