9d5b1ff0a229814feeccee62805c23e8a4cc5b285eec601f53a0fbea0881baf8 | Triage

Submit
Reports

Overview

overview

8

Static

static

9d5b1ff0a2...f8.exe

windows7-x64

8

9d5b1ff0a2...f8.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

9d5b1ff0a229814feeccee62805c23e8a4cc5b285eec601f53a0fbea0881baf8.exe

Resource

win7-20220812-en

persistence upx

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

9d5b1ff0a229814feeccee62805c23e8a4cc5b285eec601f53a0fbea0881baf8.exe

Resource

win10v2004-20220812-en

persistence upx

windows10-2004-x64

10 signatures

150 seconds

General

Target

9d5b1ff0a229814feeccee62805c23e8a4cc5b285eec601f53a0fbea0881baf8
Size

358KB
MD5

c6439eaba0627b0f476719400d8a69b1
SHA1

acfa6e28741371186dc96659eadec19b6c0c33b3
SHA256

9d5b1ff0a229814feeccee62805c23e8a4cc5b285eec601f53a0fbea0881baf8
SHA512

3388d88367df6f0b4bf0c24f4fe9e9c3f9eadaecf504cd0c439174de4c15b2446a8769e4ba75024cf806742fb077b01bb803b6245d0201e80c6976b8772e6bc5
SSDEEP

6144:g01Yk7BnS1reexa5IMl7elkTLPHOqwGzKYz5IeF61KAQkvgprft:p1bnSUexa5NjTDuqwGzK0IUpkvgp7t

Score

N/A

Malware Config

Signatures

Files

9d5b1ff0a229814feeccee62805c23e8a4cc5b285eec601f53a0fbea0881baf8
.exe windows x86

7cdfa4db03a83a33ba2e17ab8e5b7314

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TlsGetValue
VirtualProtect
ResumeThread
GetCommandLineA
GetUserDefaultLCID
HeapCreate
WaitForSingleObject
LocalLock
GetModuleHandleA
GetACP
lstrlenA
PeekConsoleInputA
GetAtomNameA
GetSystemTime
LockResource
InterlockedExchange
LoadLibraryExA
WaitForSingleObject
SetLastError
GlobalSize
GetConsoleCP

user32

EndPaint
GetDC
GetClassNameA
GetCursorPos
GetWindow
FillRect
GetFocus
CreateIcon
SetForegroundWindow
DrawTextA
AnyPopup
DragDetect
GetParent
wsprintfA
GetTitleBarInfo
FrameRect
ShowWindow
BeginPaint
ReleaseDC

ntshrui

DllGetClassObject
DllCanUnloadNow
SetFolderPermissionsForSharing
GetLocalPathFromNetResourceA
GetNetResourceFromLocalPathA

wshtcpip

WSHIoctl

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 556KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy