df60faaf06361e9851d55a16f3875b6956e4179ff3a02699c8438d201981b932 | Triage

Submit
Reports

Overview

overview

8

Static

static

df60faaf06...32.exe

windows7-x64

8

df60faaf06...32.exe

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

df60faaf06361e9851d55a16f3875b6956e4179ff3a02699c8438d201981b932.exe

Resource

win7-20221111-en

discovery persistence upx

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral2

Sample

df60faaf06361e9851d55a16f3875b6956e4179ff3a02699c8438d201981b932.exe

Resource

win10v2004-20221111-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

df60faaf06361e9851d55a16f3875b6956e4179ff3a02699c8438d201981b932
Size

768KB
MD5

662142da6c8fa5dbcad7580c1398060c
SHA1

fb2e09abee84cd95422430942107936b2c080613
SHA256

df60faaf06361e9851d55a16f3875b6956e4179ff3a02699c8438d201981b932
SHA512

aa62826c5704f5fee4c7997aab4bd99644046b92e0ec4a06e528a20a1998ecb5f2df3abbfa24946bf7900be5de8ca47e690968a82b97312879f8091092daf3c6
SSDEEP

12288:it+GudHoe406ys4jPfG7o7oa32FkieUOWBi4rrz1RAQcezAiXA9ngs:5H540psKX4W7L4/ARor

Score

N/A

Malware Config

Signatures

Files

df60faaf06361e9851d55a16f3875b6956e4179ff3a02699c8438d201981b932
.exe windows x86

6b650218ffce9744a6eb0b8d5d3abf9d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrlenA
CreateMutexA
OpenEventW
GetCommandLineW
LoadLibraryA
RemoveDirectoryW
VirtualProtect
CreateFileMappingW
GetStdHandle
SetLastError
GetFileSize
HeapSize
HeapDestroy
GetVersion
MapViewOfFile
SetLastError
ReleaseSemaphore
ReleaseMutex
GetStartupInfoA
CreateDirectoryW
RemoveDirectoryW
DeleteFileA
ReleaseSemaphore
CreateFileA
FatalExit

cryptui

LocalEnrollNoDS
CryptUIWizExport
LocalEnroll
CryptUIWizImport
CryptUIWizBuildCTL
DllUnregisterServer
CryptUIWizDigitalSign
CryptUIDlgFreeCAContext
WizardFree
WizardFree
CryptUIStartCertMgr
DllRegisterServer
CryptUIDlgViewContext

iernonce

InitCallback
RunOnceExProcess
RunOnceExProcess
InitCallback

Sections

.text
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 760KB - Virtual size: 760KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy