b67b30b29bcfb861411914fc6859949f1db8639c159df98c2f005ef14f7c1af8 | Triage

Submit
Reports

Overview

overview

8

Static

static

b67b30b29b...f8.exe

windows7-x64

8

b67b30b29b...f8.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

b67b30b29bcfb861411914fc6859949f1db8639c159df98c2f005ef14f7c1af8.exe

Resource

win7-20220812-en

discovery persistence upx

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral2

Sample

b67b30b29bcfb861411914fc6859949f1db8639c159df98c2f005ef14f7c1af8.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

2 signatures

150 seconds

General

Target

b67b30b29bcfb861411914fc6859949f1db8639c159df98c2f005ef14f7c1af8
Size

749KB
MD5

ee5e49d6d104cf318775e5dcdb7c10e2
SHA1

2c82f4d3362482b398dd87d630b77a08bf81df02
SHA256

b67b30b29bcfb861411914fc6859949f1db8639c159df98c2f005ef14f7c1af8
SHA512

3c9b5d05e812987049310a21c6e7006e2c075e6e0b54033d73339a62418d889c1139bb12a430b0556c2e92df326937ddb38f7770cf95c96625708e18d7d35d8c
SSDEEP

12288:1emZhk1SmkiXpSkpJPto/ARGzI7Vdrf8COeWHHXgVwECp4xluW27RFN04BJf6bnq:1HOS2SkFo/ARD3rinXgVDCpYMgWybnNW

Score

N/A

Malware Config

Signatures

Files

b67b30b29bcfb861411914fc6859949f1db8639c159df98c2f005ef14f7c1af8
.exe windows x86

11ea62193e9db5f7114aa7541a7f80f9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

RemoveDirectoryA
GetCommandLineA
GetLastError
GetModuleHandleA
SetStdHandle
ResetEvent
SetLocalTime
WriteConsoleW
GetFileType
SetEvent
OpenEventA
CreateEventW
Sleep
VirtualProtectEx
CreateDirectoryW
FindClose
RemoveDirectoryA
HeapFree
DeleteFileA
ReleaseMutex
FindClose
WriteFile
CreateMailslotW
CreateFileMappingW
lstrlenA

uxtheme

GetThemeSysSize
DrawThemeBackground
SetWindowTheme
GetThemeTextMetrics
OpenThemeData
GetWindowTheme
GetThemeTextExtent
CloseThemeData
DrawThemeEdge
CloseThemeData
IsThemeActive
GetThemeColor
GetThemeBool

cmcfg32

CMConfig
CMConfig
CMConfig
CMConfig

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 741KB - Virtual size: 740KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy