d567e3a4cbfc9f193eccae1253d5ac0a7f70d57e782785e468c3e592e7a1aa78 | Triage

Submit
Reports

Overview

overview

8

Static

static

d567e3a4cb...78.exe

windows7-x64

8

d567e3a4cb...78.exe

windows10-2004-x64

8

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

d567e3a4cbfc9f193eccae1253d5ac0a7f70d57e782785e468c3e592e7a1aa78.exe

Resource

win7-20221111-en

persistence upx

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

d567e3a4cbfc9f193eccae1253d5ac0a7f70d57e782785e468c3e592e7a1aa78.exe

Resource

win10v2004-20220812-en

persistence upx

windows10-2004-x64

12 signatures

150 seconds

General

Target

d567e3a4cbfc9f193eccae1253d5ac0a7f70d57e782785e468c3e592e7a1aa78
Size

244KB
MD5

8e94e1607cc508ed0956ac9a6462ec0b
SHA1

d7642189b04c2da12dda921cca64af7ab4df1724
SHA256

d567e3a4cbfc9f193eccae1253d5ac0a7f70d57e782785e468c3e592e7a1aa78
SHA512

fba8ae9eb3483ea01bc0fe490f0652469fad7e286d689dab5a7f0ca40b283fca10f1d31f31a2437b4565634a91919d712b73edba932133d1d6f45a40dc467cb7
SSDEEP

6144:VQR8NeXlFydKuWq45vq/jpl5yLWp7/uFS:VQ5X22UP5yLWRO

Score

N/A

Malware Config

Signatures

Files

d567e3a4cbfc9f193eccae1253d5ac0a7f70d57e782785e468c3e592e7a1aa78
.exe windows x86

2cc08b5ffeac20ad68f13d83dc41838e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LCMapStringA
IsBadWritePtr
GetCurrencyFormatA
GetProcAddress
GetACP
LocalFree
LocalReAlloc
TlsGetValue
LocalLock
GetLastError
TlsSetValue
VirtualAlloc
LocalHandle
GetModuleHandleA
GetStartupInfoA

secur32

ExportSecurityContext
InitializeSecurityContextA
AcceptSecurityContext
FreeCredentialsHandle
MakeSignature
VerifySignature
DecryptMessage
DeleteSecurityContext
ApplyControlToken
EncryptMessage
CompleteAuthToken

netapi32

NetConfigSet
NetGroupAdd
NetGroupAddUser
NetGetJoinInformation
NetConfigGetAll
NetErrorLogWrite
NetErrorLogClear
NetAuditClear
NetGetJoinableOUs
NetAuditWrite
NetFileGetInfo

msvcrt

_initterm
_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
_acmdln
exit
__setusermatherr
__getmainargs
_XcptFilter
_exit

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 203KB - Virtual size: 203KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 365KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy