c1b9b835bb727535bba71e1ebe857923b962b4176f055081e7083117c5c6d94e | Triage

Submit
Reports

Overview

overview

7

Static

static

c1b9b835bb...4e.exe

windows7-x64

7

c1b9b835bb...4e.exe

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

c1b9b835bb727535bba71e1ebe857923b962b4176f055081e7083117c5c6d94e.exe

Resource

win7-20220901-en

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

c1b9b835bb727535bba71e1ebe857923b962b4176f055081e7083117c5c6d94e.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

6 signatures

150 seconds

General

Target

c1b9b835bb727535bba71e1ebe857923b962b4176f055081e7083117c5c6d94e
Size

170KB
MD5

932899c0e55b333dab738cf3775730e3
SHA1

38b2583a310bf8dc17f83b7f3c9cb5f86151e2c5
SHA256

c1b9b835bb727535bba71e1ebe857923b962b4176f055081e7083117c5c6d94e
SHA512

bb2b64303abdde88310e05318cc211db930de8d00f8a91700a0b12314fb15b40ffecb0ff56e20fe42c9336acc6f37b0a60c510ded576cecd5cd77878fc1a1cbe
SSDEEP

3072:9TIkqffzyjcoWJOtpinr/xfjWPEV63r+WbmlecksyOcj9Dw+yz:mtGDpIpfiPk63rqe1syP9Q

Score

N/A

Malware Config

Signatures

Files

c1b9b835bb727535bba71e1ebe857923b962b4176f055081e7083117c5c6d94e
.exe windows x86

768ba8fb3680dc23057b742712900845

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBoxW
IsWindow

shell32

SHGetSpecialFolderLocation
SHCreateDirectoryExW
CommandLineToArgvW

kernel32

ExitProcess
FindFirstFileW
FindNextFileW
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetFullPathNameW
GetModuleHandleA
GetProcAddress
SetUnhandledExceptionFilter
Sleep
TerminateProcess
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
VirtualProtect
lstrlenW
InterlockedExchange

msvcrt

_cexit
_controlfp
_exit
_initterm
_ismbblead
_wcsdup
_wcslwr
exit
free
memset
printf
wcsstr
wprintf
_amsg_exit
__setusermatherr
__set_app_type
__p__fmode
__p__commode
_XcptFilter
__getmainargs

gdi32

PolyDraw
ArcTo

advapi32

RegQueryValueExW
RegOpenKeyExW
RegCloseKey

Exports

Exports

AHeartbeat
ChConvertFromHex
DestroyWindow
FIsSpaceW
FlushState
PSTCreateTypeSubType_NoUI
Sync

Sections

.text
Size: 54KB - Virtual size: 54KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 95KB - Virtual size: 94KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 497B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy