994e525f270617611837d4dc42ce0e92bde68278dd4a20e0486a73f4a5164573 | Triage

Submit
Reports

Overview

overview

8

Static

static

994e525f27...73.exe

windows7-x64

8

994e525f27...73.exe

windows10-2004-x64

1

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

994e525f270617611837d4dc42ce0e92bde68278dd4a20e0486a73f4a5164573.exe

Resource

win7-20220812-en

discovery persistence upx

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral2

Sample

994e525f270617611837d4dc42ce0e92bde68278dd4a20e0486a73f4a5164573.exe

Resource

win10v2004-20221111-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

994e525f270617611837d4dc42ce0e92bde68278dd4a20e0486a73f4a5164573
Size

749KB
MD5

310e9c642ee7eaa9c063dd7beea5d9ca
SHA1

39c3681c5f260bab295cfc783e6a60e9f9ede356
SHA256

994e525f270617611837d4dc42ce0e92bde68278dd4a20e0486a73f4a5164573
SHA512

2dbfd5137b98985b2cdeea95e00b965edf8975f652656a017aabb3c7187ade2c8dc73d38f2cd19c6ac6bffc2ebcd2805fbd637bba986267fd1238c249b781625
SSDEEP

12288:1MVi79dvM/ovKWmNMiBn2V557KBgUoP7R9wKE5sCKSpIchC4O4ePbrMr8589SOU0:1MqLMwyWo+P76gU07n7EeCnIchC4O4Lu

Score

N/A

Malware Config

Signatures

Files

994e525f270617611837d4dc42ce0e92bde68278dd4a20e0486a73f4a5164573
.exe windows x86

eccce8db8e0cfbee3891150afcc2f323

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteFile
VirtualProtectEx
CreateEventW
CreateFileA
Sleep
ReleaseMutex
FindClose
DeleteFileA
lstrlenA
CreateFileMappingW
RemoveDirectoryA
CreateDirectoryW
GetLastError
FindClose
CancelIo
GetFileType
SetStdHandle
RemoveDirectoryA
GetCommandLineA
ResetEvent
CreateMailslotW
OpenEventA
HeapFree
WriteConsoleW
GetModuleHandleA

cryptui

WizardFree
WizardFree
CryptUIWizImport
CryptUIDlgViewContext
CryptUIStartCertMgr
CryptUIWizExport
CryptUIWizDigitalSign
LocalEnrollNoDS
CryptUIDlgFreeCAContext
LocalEnroll
DllRegisterServer
CryptUIWizBuildCTL
DllUnregisterServer

dbnmpntw

ConnectionClose
ConnectionClose
ConnectionClose
ConnectionClose

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 740KB - Virtual size: 740KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy