b0bd3ecc14a719182959ad9f60a652cdd4317ec353442ae3e37158d80be96ce6 | Triage

Submit
Reports

Overview

overview

5

Static

static

b0bd3ecc14...e6.exe

windows7-x64

5

b0bd3ecc14...e6.exe

windows10-2004-x64

5

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

b0bd3ecc14a719182959ad9f60a652cdd4317ec353442ae3e37158d80be96ce6.exe

Resource

win7-20220812-en

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

b0bd3ecc14a719182959ad9f60a652cdd4317ec353442ae3e37158d80be96ce6.exe

Resource

win10v2004-20220901-en

windows10-2004-x64

4 signatures

150 seconds

General

Target

b0bd3ecc14a719182959ad9f60a652cdd4317ec353442ae3e37158d80be96ce6
Size

63KB
MD5

4daa33800a095e38063da1ee782d37e0
SHA1

413700547e020acea3d96ce587ff42526cd0f21b
SHA256

b0bd3ecc14a719182959ad9f60a652cdd4317ec353442ae3e37158d80be96ce6
SHA512

bf424e0383f88c0e3377bb6f095af07c0bf8c836c6b0bcf7d113bc6598979125dce376dfb1c8e7d3f482087847edd7af3974fab6d514ff5268c3c81f7638e160
SSDEEP

768:k/XDIT6rqffLFFbAiBbqJTkYmTiauPpXRHIP9aVk/Ji9mzoSnOci2i/tSHXMFb:k/8T9fsabeTkYDaudRc4Vq5nitt

Score

N/A

Malware Config

Signatures

Files

b0bd3ecc14a719182959ad9f60a652cdd4317ec353442ae3e37158d80be96ce6
.exe windows x86

172d12ac75a52c8cf5ebe6b69f3fe3b5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MoveFileExA
SetLastError
GetVersionExA
GetModuleFileNameA
FindResourceA
Sleep
GetCurrentProcess
GetLastError
CreateFileA
SizeofResource
LoadResource
WriteFile
CloseHandle
LockResource
LocalAlloc
GetFileTime
SetFileTime
lstrcatA
GetCurrentThreadId
GetSystemDirectoryA
ExitProcess

user32

PostThreadMessageA
GetInputState
GetMessageA

advapi32

StartServiceA
CloseServiceHandle
OpenProcessToken
AdjustTokenPrivileges
RegDeleteKeyA
LookupPrivilegeValueA
RegSetValueExA
RegCreateKeyA
RegOpenKeyExA
RegCloseKey
OpenSCManagerA
RegQueryValueExA
QueryServiceConfigA
ChangeServiceConfigA
OpenServiceA
QueryServiceStatus
ControlService
CreateServiceA
RegDeleteValueA

shell32

SHGetPathFromIDListA
SHGetSpecialFolderLocation

msvcrt

_stricmp

Sections

.data
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 56KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy