e34ed6505658ed4dfc642c6f9b04c4ca29ada61888fe5f842be0f42eaa27dbfc | Triage

Submit
Reports

Overview

overview

8

Static

static

e34ed65056...fc.exe

windows7-x64

8

e34ed65056...fc.exe

windows10-2004-x64

8

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

e34ed6505658ed4dfc642c6f9b04c4ca29ada61888fe5f842be0f42eaa27dbfc.exe

Resource

win7-20221111-en

persistence upx

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

e34ed6505658ed4dfc642c6f9b04c4ca29ada61888fe5f842be0f42eaa27dbfc.exe

Resource

win10v2004-20221111-en

persistence upx

windows10-2004-x64

3 signatures

150 seconds

General

Target

e34ed6505658ed4dfc642c6f9b04c4ca29ada61888fe5f842be0f42eaa27dbfc
Size

35KB
MD5

f140c25c0695ae2922325f4c1b8ead6d
SHA1

bd3095fd2de7c058881b89e76a24c5d92638a83e
SHA256

e34ed6505658ed4dfc642c6f9b04c4ca29ada61888fe5f842be0f42eaa27dbfc
SHA512

4ad5fcc0e65d7bf7ee0479cec76f83fda46b23eb94f9dafb0c1ce746cf40c1507740a96d883aa901b52d10c6cc8c1c2fdce01a61988fcca486e8bdb199652208
SSDEEP

768:30AR+em8M/BI+HUUBiAvbC24iYG1YUXyKMKU/sL8:EAM9a+HUUBiAvO2VYVUC3KU/sL

Score

N/A

Malware Config

Signatures

Files

e34ed6505658ed4dfc642c6f9b04c4ca29ada61888fe5f842be0f42eaa27dbfc
.exe windows x86

0be30b340477f41361b35c27fbb4dd55

Code Sign

10:cd:f5:10:8c:72:cf:aa:40:20:39:d0:d2:2c:31:26
Certificate

Issuer

CN=Qeqoawiw

Not Before

31-12-2010 22:00

Not After

31-12-2039 23:59

Subject

CN=Qeqoawiw

3f:5e:9e:86:1b:fe:c3:f4:a2:9c:88:dc:86:0c:0c:23:f0:d2:e0:ef
Signer

Actual PE Digest

3f:5e:9e:86:1b:fe:c3:f4:a2:9c:88:dc:86:0c:0c:23:f0:d2:e0:ef

Digest Algorithm

sha1

PE Digest Matches

false

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=Qeqoawiw

01-12-2022 14:35
Valid: false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineA
GetModuleHandleA
VirtualAlloc
ExitProcess

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 162B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2024

Terms | Privacy