0e4ac113b3eadf835b0d5a80be33980c88e2cba23fab2b5840fd9ed5a25186ab | Triage

Submit
Reports

Overview

overview

Static

static

0e4ac113b3...ab.exe

windows7-x64

0e4ac113b3...ab.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

0e4ac113b3eadf835b0d5a80be33980c88e2cba23fab2b5840fd9ed5a25186ab.exe

Resource

win7-20220812-en

evasion persistence

windows7-x64

14 signatures

150 seconds

Behavioral task

behavioral2

Sample

0e4ac113b3eadf835b0d5a80be33980c88e2cba23fab2b5840fd9ed5a25186ab.exe

Resource

win10v2004-20221111-en

windows10-2004-x64

8 signatures

150 seconds

General

Target

0e4ac113b3eadf835b0d5a80be33980c88e2cba23fab2b5840fd9ed5a25186ab
Size

196KB
MD5

ffba56d65d4add7383ad3ae152ddaa95
SHA1

5ff81f31e70e566e81a3adbc366350c53a0ab580
SHA256

0e4ac113b3eadf835b0d5a80be33980c88e2cba23fab2b5840fd9ed5a25186ab
SHA512

98601b7c68281b88bd1ac2404f07f9e9decd372c9685bf1ffa6b3b1e4fe7650f817c1fdae8979c96ef0617d3584c0333e1a254104d2cc55b26566e5ed2e4a554
SSDEEP

3072:cI19BIFNt0awuhwL/anw0C9ygGGFgyKpnx6hF+D62DbIXZYx3134HKRcV:rejXf2Snw0C98WPkaYPIMZ4xV

Score

N/A

Malware Config

Signatures

Files

0e4ac113b3eadf835b0d5a80be33980c88e2cba23fab2b5840fd9ed5a25186ab
.exe windows x86

57f4bb022e1b17e64faaa2b05d4c7963

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathIsDirectoryW

kernel32

GetSystemTimeAsFileTime
LocalFree
GetCPInfo
GlobalFlags
FindClose
GetModuleHandleW
GetComputerNameExW
SetSystemTimeAdjustment

comdlg32

PageSetupDlgW
GetOpenFileNameW

user32

InvalidateRgn
RedrawWindow
GetNextDlgTabItem
AdjustWindowRect
RegisterClassExA
GetCaretPos
InternalGetWindowText
SetRect
CreateCaret
GetForegroundWindow
CreateWindowExA
SetWindowLongW
DispatchMessageW
PtInRect
CopyImage
ReleaseDC

gdi32

ResizePalette
SetDIBitsToDevice
GetDeviceCaps
EnumFontsW
LineDDA
StartDocW
AddFontResourceW

comctl32

ImageList_Draw
CreatePropertySheetPageA
ImageList_Destroy
ImageList_Remove

Exports

Exports

ModifyMutexOriginal@16
SendWindowOld@12
LoadVersionOriginal@8
List@8
EnumListItemOld@12

Sections

.text
Size: 164KB - Virtual size: 163KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy