c2b2a711a7be3af015d5d59854164428cfbcdc94149116c8ecd4f1e448fb3464 | Triage

Submit
Reports

Overview

overview

1

Static

static

c2b2a711a7...64.exe

windows7-x64

c2b2a711a7...64.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

c2b2a711a7be3af015d5d59854164428cfbcdc94149116c8ecd4f1e448fb3464.exe

Resource

win7-20221111-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

c2b2a711a7be3af015d5d59854164428cfbcdc94149116c8ecd4f1e448fb3464.exe

Resource

win10v2004-20220901-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

c2b2a711a7be3af015d5d59854164428cfbcdc94149116c8ecd4f1e448fb3464
Size

447KB
MD5

04d702bff67647ab0017cd538d786530
SHA1

c12258d4d5122201eefb187db6dbf9e4d3d5390f
SHA256

c2b2a711a7be3af015d5d59854164428cfbcdc94149116c8ecd4f1e448fb3464
SHA512

5b7b72a6560d5542dce11bcf0f7625f799dd565e1034c5babab4e2b82ef13f6a59a8c7cce2494df1b9004353c66e267fef0d4288c26d6f043e3fc92bf1b677f4
SSDEEP

12288:q+KncI6kUGjRDZe4bP5N8Xj73kNQVhHfuL7KyeUAtR/DI:dKWaFJunC7KyeU0RLI

Score

N/A

Malware Config

Signatures

Files

c2b2a711a7be3af015d5d59854164428cfbcdc94149116c8ecd4f1e448fb3464
.exe windows x86

6cbc5af6999011abd05857708f517617

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualProtect
CreateFileW
GetFileTime
CreateFileW
SetLocalTime
GetCurrentThreadId
GetConsoleMode
GetFileAttributesA
DeleteFileW
GetDriveTypeA
LocalLock
GetConsoleAliasW
InterlockedExchange
CreateDirectoryA
CancelIo
LeaveCriticalSection
FindAtomA
GetStartupInfoW
ReadConsoleW
LocalFree
GetProcessHeap
GetModuleFileNameA
DeleteFileW
GetModuleHandleA
HeapDestroy

user32

MessageBoxA
GetKeyState
GetWindowLongA
wsprintfA
IsZoomed
DispatchMessageA
GetWindowLongA
GetSysColor
LoadCursorA
IsWindowEnabled
GetWindowDC
GetWindowTextA
PeekMessageA

davclnt

DllGetClassObject
NPGetCaps
NPCloseEnum
DllCanUnloadNow

advapi32

IsValidSid

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 800KB - Virtual size: 2.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy