ddb2b3ed88a9062c0966a7e5308414bc280360e7eff53155aba4a3e38e3b9c3f | Triage

Submit
Reports

Overview

overview

8

Static

static

ddb2b3ed88...3f.exe

windows7-x64

8

ddb2b3ed88...3f.exe

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

ddb2b3ed88a9062c0966a7e5308414bc280360e7eff53155aba4a3e38e3b9c3f.exe

Resource

win7-20220812-en

discovery persistence upx

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral2

Sample

ddb2b3ed88a9062c0966a7e5308414bc280360e7eff53155aba4a3e38e3b9c3f.exe

Resource

win10v2004-20220901-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

ddb2b3ed88a9062c0966a7e5308414bc280360e7eff53155aba4a3e38e3b9c3f
Size

768KB
MD5

92fa2895349e506186b9c27287625103
SHA1

e312ed017c56851e4881d49cac16eead4da9d05f
SHA256

ddb2b3ed88a9062c0966a7e5308414bc280360e7eff53155aba4a3e38e3b9c3f
SHA512

a2d47578482031ba4b12b3f26dd51ea535cb5f005a9fe404c93b11a70082a14ffa374451742970df3e8c9e91c0669dada21e4fe9e47881c9f0f798efd38f9d35
SSDEEP

12288:Mzhgsta4Z9ufHOfZ7J9QNewYa9eRbG3zluVeYFV0eL/4udOkPVEqLuy9LFA4:+hgstTf39OYVG3x3YFFOaVEeuuL

Score

N/A

Malware Config

Signatures

Files

ddb2b3ed88a9062c0966a7e5308414bc280360e7eff53155aba4a3e38e3b9c3f
.exe windows x86

2dfd48b552a3b6f355cb7f4357b58fa2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

OpenEventW
GetStartupInfoA
CreateDirectoryW
RemoveDirectoryW
CreateFileA
CreateMutexA
ReleaseSemaphore
MapViewOfFile
VirtualProtect
LoadLibraryA
CreateFileMappingW
HeapSize
FatalExit
GetVersion
GetStdHandle
ReleaseMutex
GetCommandLineW
SetLastError
SetLastError
DeleteFileA
RemoveDirectoryW
lstrlenA
GetFileSize
HeapDestroy
ReleaseSemaphore

cryptui

CryptUIWizDigitalSign
DllUnregisterServer
CryptUIWizImport
LocalEnrollNoDS
CryptUIDlgFreeCAContext
WizardFree
CryptUIStartCertMgr
CryptUIDlgViewContext
WizardFree
LocalEnroll
DllRegisterServer
CryptUIWizBuildCTL
CryptUIWizExport

iernonce

InitCallback
RunOnceExProcess
RunOnceExProcess
InitCallback

Sections

.text
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 760KB - Virtual size: 760KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy