9bd730b1d50306dfb962a5cc0d7bea87e0c383e14b94822497603a02959f7617 | Triage

Submit
Reports

Overview

overview

Static

static

9bd730b1d5...17.exe

windows7-x64

9bd730b1d5...17.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

9bd730b1d50306dfb962a5cc0d7bea87e0c383e14b94822497603a02959f7617.exe

Resource

win7-20221111-en

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

9bd730b1d50306dfb962a5cc0d7bea87e0c383e14b94822497603a02959f7617.exe

Resource

win10v2004-20220901-en

discovery persistence

windows10-2004-x64

6 signatures

150 seconds

General

Target

9bd730b1d50306dfb962a5cc0d7bea87e0c383e14b94822497603a02959f7617
Size

291KB
MD5

73ecf24e48e9c1e9e64bdc0005206fdd
SHA1

f7acad7619699af353978dc5d698e04854d0778d
SHA256

9bd730b1d50306dfb962a5cc0d7bea87e0c383e14b94822497603a02959f7617
SHA512

1958bf2fb8f420d8e053ad87c0ab31168510feafed05875cc767885da37e4d63031073f47a1ac9c15c10c0981db01c130f08f47f49651af902527b0df50adfdb
SSDEEP

6144:HiKol9wG8Xndlj3eCgyJ6eI5RHzCOdkQtDN:CKQ998XndlzeQ/IDHzRkQtDN

Score

N/A

Malware Config

Signatures

Files

9bd730b1d50306dfb962a5cc0d7bea87e0c383e14b94822497603a02959f7617
.exe windows x86

44acb762461e5564783f45d4e45f0a41

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBoxIndirectA

gdi32

GetDeviceCaps
BitBlt
DeleteDC
SelectObject
CreateCompatibleBitmap
GetObjectA
DeleteObject
GetBitmapBits
CreateCompatibleDC
CreateDCA

kernel32

SetLastError
GlobalMemoryStatus
FreeLibrary
CloseHandle
GetFileType
FlushConsoleInputBuffer
GetThreadTimes
GetCurrentThreadId
GetStdHandle
HeapCreate
VirtualAllocEx

wsock32

recv
ntohs
setsockopt
WSACancelBlockingCall
WSACleanup
getservbyname
gethostbyname
ntohl
inet_ntoa
WSASetLastError
accept
htons
listen
bind
connect
getsockopt
WSAStartup
WSAGetLastError
closesocket
htonl
send
shutdown
socket

atmlib

ATMFinish
ATMGetNtmFields
ATMMakePSS
ATMGetFontInfo
ATMGetVersion
ATMFontSelected
ATMGetVersionExW

atl

AtlModuleRevokeClassObjects
DllCanUnloadNow
AtlAxDialogBoxA
AtlModuleTerm
AtlWaitWithMessageLoop

Sections

.text
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 268KB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy