0f079efb38b8e9b8a65590219856358f4fc087d36fb743c2ce34ecbfb7c145df | Triage

Submit
Reports

Overview

overview

8

Static

static

0f079efb38...df.exe

windows7-x64

8

0f079efb38...df.exe

windows10-2004-x64

3

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

0f079efb38b8e9b8a65590219856358f4fc087d36fb743c2ce34ecbfb7c145df.exe

Resource

win7-20220812-en

discovery persistence upx

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral2

Sample

0f079efb38b8e9b8a65590219856358f4fc087d36fb743c2ce34ecbfb7c145df.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

0f079efb38b8e9b8a65590219856358f4fc087d36fb743c2ce34ecbfb7c145df
Size

758KB
MD5

bf04692b148f5ab277b2ea2957e0bb9f
SHA1

3ac7b2a6454befc4f4986672734a8ab3c88ebc95
SHA256

0f079efb38b8e9b8a65590219856358f4fc087d36fb743c2ce34ecbfb7c145df
SHA512

2969695f6293efc25c980bb5d9544003207fb2f781d578075351f840802119deb0514336c808b853fcb7bc785bcb4fedead833915f2eca201536350875abeb13
SSDEEP

12288:Evbh1d+34+QYqCn2vLjP6SJUIZ3KAd7vjlpi2ICWI1tWLX/+1hHRJ92Bphpdw1aq:6bIfqDF9rdHB3kP+1h0pd2aqAAj

Score

N/A

Malware Config

Signatures

Files

0f079efb38b8e9b8a65590219856358f4fc087d36fb743c2ce34ecbfb7c145df
.exe windows x86

d7d08972ec66f0b285d6a7c73d78c79e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrlenA
GetDriveTypeA
HeapDestroy
GetStartupInfoA
CloseHandle
VirtualQuery
GetVolumePathNameA
CancelIo
GetCommandLineA
GetTimeFormatA
GetCommandLineA
GetModuleHandleA
HeapCreate
CreateEventA
GetFileAttributesA
TlsGetValue
GetEnvironmentVariableA
SetLastError
CloseHandle
GetConsoleTitleA

advapi32

CreateProcessAsUserA
RegCreateKeyExW
IsValidSid
ClearEventLogW
CreateServiceW
RegQueryValueW
ControlService
RegDeleteValueA
IsTextUnicode
IsValidSecurityDescriptor
IsValidAcl
RegEnumKeyA
InitializeSid

stclient

DllRegisterServer
DllRegisterServer
DllRegisterServer
DllRegisterServer

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 753KB - Virtual size: 752KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy