b229218398d100599a9d9a210db3b86922539168991e3ea1b3a6461bea7da5b7 | Triage

Submit
Reports

Overview

overview

8

Static

static

b229218398...b7.exe

windows7-x64

8

b229218398...b7.exe

windows10-2004-x64

8

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

b229218398d100599a9d9a210db3b86922539168991e3ea1b3a6461bea7da5b7.exe

Resource

win7-20220812-en

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

b229218398d100599a9d9a210db3b86922539168991e3ea1b3a6461bea7da5b7.exe

Resource

win10v2004-20221111-en

windows10-2004-x64

7 signatures

150 seconds

General

Target

b229218398d100599a9d9a210db3b86922539168991e3ea1b3a6461bea7da5b7
Size

212KB
MD5

3aae8fe6f91e88afda17fc78a5c823d4
SHA1

0c385462c222ac33968e932c6b38311cb16b8c9f
SHA256

b229218398d100599a9d9a210db3b86922539168991e3ea1b3a6461bea7da5b7
SHA512

79038d64ec6eec8a642ea02286eac6f2fc6d2c75ec26cfa4e671c0d00cf804f7130a46c8f0f2af8c5c4add79dba236a4ab9e44561f7f544e7841d57f2952821d
SSDEEP

6144:WQoJuNBX8yhav08vgJEnJpAq1mZLrE2buwAWL6A4p:WQrNBX8oav08vWIJp31mZrECfk

Score

N/A

Malware Config

Signatures

Files

b229218398d100599a9d9a210db3b86922539168991e3ea1b3a6461bea7da5b7
.exe windows x86

e1825aa43be5482c764dfe3b7e0156cc

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

IsCharUpperW

kernel32

GetConsoleCP

shlwapi

StrCmpLogicalW

Exports

Exports

RoamingTraiI
?ImpactDS@@YG_JU_HALIGNLEFT@@U_REMOTECONTROL_SYS@@@I
?JoinLower@@YG_JU_HALIGNLEFT@@U_REMOTECONTROL_SYS@@@I

Sections

.text
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.write
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 5KB - Virtual size: 233KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.read
Size: 512B - Virtual size: 269B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 96KB - Virtual size: 95KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy