398d4cb732f155720bab0b0b862bfa0c3755cdc3ed5f9c9956a5357825a20a37 | Triage

Submit
Reports

Overview

overview

Static

static

398d4cb732...37.exe

windows7-x64

398d4cb732...37.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

398d4cb732f155720bab0b0b862bfa0c3755cdc3ed5f9c9956a5357825a20a37.exe

Resource

win7-20220812-en

evasion persistence

windows7-x64

13 signatures

150 seconds

Behavioral task

behavioral2

Sample

398d4cb732f155720bab0b0b862bfa0c3755cdc3ed5f9c9956a5357825a20a37.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

398d4cb732f155720bab0b0b862bfa0c3755cdc3ed5f9c9956a5357825a20a37
Size

200KB
MD5

161b0bd65d6a7fd0de4a40e950b6334c
SHA1

b43cf614043097cc1048abfc69f4a274d017d0cd
SHA256

398d4cb732f155720bab0b0b862bfa0c3755cdc3ed5f9c9956a5357825a20a37
SHA512

b17d81a2d471859695f79bf9dcf6a6bb8b6ca425e07a7cb5dd79127629ec817069b771b24298ee2c0bea46468f20c453d6e415865ab91dbb7c138960ce0d9930
SSDEEP

3072:EK0n6/HBq3qAdGhS4k5p5pU4T4B+jca8Wz/9DMFIW925pOLA/hmqVvTVLC4HTkwk:EK0+Bq3qnop535+Wzmw5pSqpheLwe9

Score

N/A

Malware Config

Signatures

Files

398d4cb732f155720bab0b0b862bfa0c3755cdc3ed5f9c9956a5357825a20a37
.exe windows x86

fa3ce06839bec2db67e6785c778428f3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapCreate
CreatePipe
ExitThread
WaitForMultipleObjects
AddAtomA
GetCommandLineA
CloseHandle
DeleteAtom
CreateSemaphoreW
HeapFree
SetEndOfFile
SetVolumeLabelA
RemoveDirectoryA
GetFileType
GetDriveTypeW
GetModuleFileNameA
GetProcessHeap
IsBadWritePtr
FindAtomA
CreateDirectoryA
RemoveDirectoryA
FindClose
ClearCommBreak
WriteFile
GetModuleHandleA

clbcatq

CoRegCleanup
CoRegCleanup
CoRegCleanup
CoRegCleanup
CoRegCleanup
CoRegCleanup
CoRegCleanup
CoRegCleanup
CoRegCleanup
CoRegCleanup
CoRegCleanup
CoRegCleanup
CoRegCleanup

msvidc32

DriverProc
DriverProc
DriverProc
DriverProc

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 191KB - Virtual size: 191KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy