d6e870d27f96235859c373a4909c1b4638c012136ad48be4aeddada0b6351f03 | Triage

Submit
Reports

Overview

overview

1

Static

static

d6e870d27f...03.exe

windows7-x64

1

d6e870d27f...03.exe

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

d6e870d27f96235859c373a4909c1b4638c012136ad48be4aeddada0b6351f03.exe

Resource

win7-20220812-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

d6e870d27f96235859c373a4909c1b4638c012136ad48be4aeddada0b6351f03.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

d6e870d27f96235859c373a4909c1b4638c012136ad48be4aeddada0b6351f03
Size

14KB
MD5

e3989df48bd001447d8baac3d22adafc
SHA1

c4647edb90e110ac0ac6795f357ae5ca50b18fd5
SHA256

d6e870d27f96235859c373a4909c1b4638c012136ad48be4aeddada0b6351f03
SHA512

5d8573bf043f384e2869ffe7f35bc8c98a348934785928e59725ea85753d55457b1d90eefdd020cd711677c5c315e5289eef8ad46454d81f58772aa2a19091a5
SSDEEP

384:WaV6JuPAKKJ7U04HTNRpSIhaqaPK6a+DWe0J:WHJuPIBULZRlhGKx+Dq

Score

N/A

Malware Config

Signatures

Files

d6e870d27f96235859c373a4909c1b4638c012136ad48be4aeddada0b6351f03
.exe windows x86

a38bd27e238c999d3f75ba666442541d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ImageList_DrawIndirect
ImageList_GetIconSize
ImageList_SetBkColor
ImageList_Write

shell32

SheFullPathA
StrStrIW
SHFreeNameMappings
StrNCpyA

kernel32

DuplicateConsoleHandle
ConvertThreadToFiber
ConvertDefaultLocale
DeleteCriticalSection

ntdll

NtInitializeRegistry
NtOpenEventPair
NtLockRegistryKey
NtFreeUserPhysicalPages
NtMapUserPhysicalPagesScatter

Sections

.text
Size: 8KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: 4B - Virtual size: 7KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy