a56d0eed90e15c3659733eecec89bda30fad1e0e70af0c3f0d25b31ddc7a2b55 | Triage

Submit
Reports

Overview

overview

8

Static

static

a56d0eed90...55.exe

windows7-x64

8

a56d0eed90...55.exe

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

a56d0eed90e15c3659733eecec89bda30fad1e0e70af0c3f0d25b31ddc7a2b55.exe

Resource

win7-20220812-en

discovery persistence upx

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral2

Sample

a56d0eed90e15c3659733eecec89bda30fad1e0e70af0c3f0d25b31ddc7a2b55.exe

Resource

win10v2004-20221111-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

a56d0eed90e15c3659733eecec89bda30fad1e0e70af0c3f0d25b31ddc7a2b55
Size

745KB
MD5

37e0abea15991df7ed641047bb8526cd
SHA1

487ba428c90fdeb6dd3b19c6435c567e7c310bc8
SHA256

a56d0eed90e15c3659733eecec89bda30fad1e0e70af0c3f0d25b31ddc7a2b55
SHA512

fa974309d5e530f6ddb1b544a926778eae9c754a40b2f9a970fc1d31dca04988938e0bbe0950f72a17b44c35a46f15a97cdd74c8adfce1e21193543b23663036
SSDEEP

12288:8YMUaZbI6dwFtPa4aExfHD6wc+ymfhDD5zw0kl+krXYwfJqv64m1eua3nJGGTiqS:C9iF0Ex/zchmfhDD5zw0kLRp4RuoJ5TO

Score

N/A

Malware Config

Signatures

Files

a56d0eed90e15c3659733eecec89bda30fad1e0e70af0c3f0d25b31ddc7a2b55
.exe windows x86

923bfb52f3cd9d09d2e53a231dc23489

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineA
WaitForSingleObject
DeleteFileW
IsBadReadPtr
HeapSize
SetEndOfFile
FindAtomW
ExitProcess
SuspendThread
GetStdHandle
ReadFile
CloseHandle
GetFileAttributesA
GetVersion
EnterCriticalSection
GetCurrentDirectoryA
SetLastError
GetEnvironmentVariableA
DeleteAtom
GetModuleHandleA
CreateFileA
VirtualAlloc
SetLastError
SetFileAttributesW
GetFileSize

cryptui

CryptUIWizImport
CryptUIDlgFreeCAContext
CryptUIDlgSelectStoreA
CryptUIWizExport
CryptUIDlgFreeCAContext
DllRegisterServer
CryptUIDlgFreeCAContext
CryptUIDlgViewContext
DllUnregisterServer
LocalEnroll
CryptUIWizBuildCTL
LocalEnrollNoDS
CryptUIWizDigitalSign

winrnr

NSPStartup
NSPStartup
NSPStartup
NSPStartup

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 737KB - Virtual size: 737KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy