ec98cce2c5bb8918f63643b4f8b657de83b32f62255ee768811b29b770c67caf | Triage

Submit
Reports

Overview

overview

8

Static

static

ec98cce2c5...af.exe

windows7-x64

8

ec98cce2c5...af.exe

windows10-2004-x64

8

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

ec98cce2c5bb8918f63643b4f8b657de83b32f62255ee768811b29b770c67caf.exe

Resource

win7-20220901-en

discovery exploit

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

ec98cce2c5bb8918f63643b4f8b657de83b32f62255ee768811b29b770c67caf.exe

Resource

win10v2004-20220901-en

discovery exploit

windows10-2004-x64

12 signatures

150 seconds

General

Target

ec98cce2c5bb8918f63643b4f8b657de83b32f62255ee768811b29b770c67caf
Size

68KB
MD5

87e74fe498a18d8e5f8ef9822bb1c266
SHA1

c0ea2dc6d595712c5e55cc90f6fe47802120fe9d
SHA256

ec98cce2c5bb8918f63643b4f8b657de83b32f62255ee768811b29b770c67caf
SHA512

cf0657a175a38f4c295e3c2d68c7db59bc0895848e492f5b834ec36d925b70a111276d05887f40c4f39d9d93e484262f3d421466df5e0996ee91e5d11817d1c2
SSDEEP

1536:ocRIxxDweFdl6ENqBHNLKc2WOFRhVl+0HCn5E:xRy1wejhIBHNGYOFRhdiC

Score

N/A

Malware Config

Signatures

Files

ec98cce2c5bb8918f63643b4f8b657de83b32f62255ee768811b29b770c67caf
.exe windows x86

cdeca0c622a172698a55c8f0b84f878d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStartupInfoA
CloseHandle
WriteFile
CreateFileA
GetProcAddress
GetCurrentThread
GetTempPathA
GetTickCount
GetSystemDirectoryA
GetVersionExA
CreateRemoteThread
CopyFileA
GetModuleFileNameA
WinExec
GetModuleHandleA
ExitProcess

user32

wsprintfA

shell32

ShellExecuteExA

ole32

CoInitialize

msvcrt

__set_app_type
_controlfp
__p__fmode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
__p__commode
exit
_XcptFilter
_exit
_except_handler3
memset
strcpy
strrchr
memcpy
??2@YAPAXI@Z
free

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 63KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy