97aa5d6166d78b34a9aa69b07029f9479975675a11c938e6186aa65bfbf20aba | Triage

Submit
Reports

Overview

overview

8

Static

static

97aa5d6166...ba.exe

windows7-x64

3

97aa5d6166...ba.exe

windows10-2004-x64

8

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

97aa5d6166d78b34a9aa69b07029f9479975675a11c938e6186aa65bfbf20aba.exe

Resource

win7-20220812-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral2

Sample

97aa5d6166d78b34a9aa69b07029f9479975675a11c938e6186aa65bfbf20aba.exe

Resource

win10v2004-20221111-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

97aa5d6166d78b34a9aa69b07029f9479975675a11c938e6186aa65bfbf20aba
Size

190KB
MD5

15679cf4de9a2b3e3f546a9ab52dc45c
SHA1

d27c2926e3afea41af95055ba02b4fa9986b4726
SHA256

97aa5d6166d78b34a9aa69b07029f9479975675a11c938e6186aa65bfbf20aba
SHA512

60a57fd527fe746b66a96c59f1d590d20be14eff61689ea2c63f04138fe6132bb39abbe35fa5e53edc6c12b649acb478667968398630adf5892cf690c73ddeeb
SSDEEP

3072:c1ZKBkHAEst3eZJkTdytkVpqAXwv6Xwi1eDWX1RQYNbFWrrpkO1Qz+Zc6F:c1FH23eZJmdytatwyN1aYNirp+/6F

Score

N/A

Malware Config

Signatures

Files

97aa5d6166d78b34a9aa69b07029f9479975675a11c938e6186aa65bfbf20aba
.exe windows x86

dc00c62f42cd40dd44db974c6d663231

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
GlobalUnlock
LocalLock
WriteConsoleOutputA
GlobalSize
ReadConsoleOutputCharacterA
SetHandleInformation
OpenMutexA
GetCommMask
GetVersion
RegisterWaitForSingleObjectEx
lstrcpynA
LoadLibraryA
GetCommandLineA
GetStartupInfoA
ExitProcess

ntdll

RtlEraseUnicodeString
ZwReadFile
RtlStringFromGUID
NtFlushBuffersFile
ZwFreeUserPhysicalPages
RtlPrefixString
RtlCompactHeap
ZwQuerySystemInformation
RtlCopyLuidAndAttributesArray
NtCurrentTeb
iswlower
RtlLengthSecurityDescriptor
RtlAllocateHeap
ZwSetVolumeInformationFile
ZwLoadKey
NtAssignProcessToJobObject

Exports

Exports

Lsxpytmgdx

Sections

.d41
Size: 4KB - Virtual size: 496KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

_PAGELK
Size: 181KB - Virtual size: 184KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy