08500020b6d1682c61d5d4b1812062b707890d479edef4184cde3f4257bbaa27 | Triage

Submit
Reports

Overview

overview

8

Static

static

08500020b6...27.exe

windows7-x64

8

08500020b6...27.exe

windows10-2004-x64

8

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

08500020b6d1682c61d5d4b1812062b707890d479edef4184cde3f4257bbaa27.exe

Resource

win7-20221111-en

persistence upx

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

08500020b6d1682c61d5d4b1812062b707890d479edef4184cde3f4257bbaa27.exe

Resource

win10v2004-20220812-en

persistence upx

windows10-2004-x64

10 signatures

150 seconds

General

Target

08500020b6d1682c61d5d4b1812062b707890d479edef4184cde3f4257bbaa27
Size

329KB
MD5

2b9b6159790b676213f9a067cd7c09c0
SHA1

47e64211ccdd5aa7dfe41651f6df514f88bbc230
SHA256

08500020b6d1682c61d5d4b1812062b707890d479edef4184cde3f4257bbaa27
SHA512

db2dcb1d954ab84ad941e811831ed8404d2875694792f823776819572c4a62cbf412eee83647046499a0522763f159094084650da0c76e777777c686d66c2979
SSDEEP

6144:fl+gXiu9tcN2CVy0bTgwa0LlecMnmcCNRj/8aR5cij71cpu8xPyn1SXQyNHLFwv:NZXOHxbTgn0Bv1cEj/8qXjKprCQAyVB4

Score

N/A

Malware Config

Signatures

Files

08500020b6d1682c61d5d4b1812062b707890d479edef4184cde3f4257bbaa27
.exe windows x86

cabc3a00d406b675f6efea87c0956199

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapReAlloc
CompareFileTime
HeapCreate
SuspendThread
VirtualProtect
InterlockedExchange
SetConsoleCP
GetStdHandle
CloseHandle
WaitForMultipleObjects
GetCommandLineA
GetAtomNameA
lstrlenA
GetConsoleCP
GetVersion
GetTickCount
GlobalUnlock
GetSystemDefaultLangID
GetModuleHandleA
WaitForSingleObject
LoadLibraryExA

user32

GetCursorInfo
DrawCaption
IsDialogMessage
DestroyMenu
GetKeyState
SetPropA
CreateIcon
DispatchMessageA
InsertMenuA
FindWindowA
DragObject
InvertRect
SetWindowPos
CreateMenu
SetScrollInfo
FillRect
GetKeyboardLayout
EnableScrollBar
DialogBoxParamA
GetDlgItem

advapi32

RegQueryInfoKeyA
RegCreateKeyExA
RegEnumValueA
RegEnumKeyA
RegCloseKey

version

VerQueryValueA

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 744KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy