ba1c858d562d5bb5d32ce745d5ab877f6f95f0d34bf0a11450d3d6675a2ea908 | Triage

Submit
Reports

Overview

overview

Static

static

ba1c858d56...08.exe

windows7-x64

3

ba1c858d56...08.exe

windows10-2004-x64

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

ba1c858d562d5bb5d32ce745d5ab877f6f95f0d34bf0a11450d3d6675a2ea908.exe

Resource

win7-20220812-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral2

Sample

ba1c858d562d5bb5d32ce745d5ab877f6f95f0d34bf0a11450d3d6675a2ea908.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

5 signatures

150 seconds

General

Target

ba1c858d562d5bb5d32ce745d5ab877f6f95f0d34bf0a11450d3d6675a2ea908
Size

172KB
MD5

eb8465258e96088054c021d475590d3b
SHA1

2f26f7fcad067a382a7ffa1c392fc7c204afac95
SHA256

ba1c858d562d5bb5d32ce745d5ab877f6f95f0d34bf0a11450d3d6675a2ea908
SHA512

d570fd31a06d86bcd5b588554f8c42717efe2e6fa5647eaaf0b7552c59cffdc6192322f0f137aa720ee2f13de7434e97bc00689d07be4a518e3dfb2b06effc48
SSDEEP

3072:kOV0XMIewc5WE88MfNHcMdbnqlKim96A/7YKDIwDRdXdLTyJ8R9Iy:3V0Pzbx6kbUKT7YKzRvPyJo/

Score

N/A

Malware Config

Signatures

Files

ba1c858d562d5bb5d32ce745d5ab877f6f95f0d34bf0a11450d3d6675a2ea908
.exe windows x86

11ee5c8fbc300cb3961481e721df4a05

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

GetUserNameW
CryptDestroyHash
DuplicateTokenEx
RegEnumKeyExA
CryptCreateHash
CryptGetHashParam
CryptHashData
CryptReleaseContext
RegDeleteValueA
RegCloseKey
RegCreateKeyExA
RegSetValueExA

kernel32

CloseHandle
FindFirstFileW
GetFileAttributesA
GetModuleFileNameA
VirtualAlloc
GetSystemTime
GetUserDefaultUILanguage
VirtualProtect
GetCommandLineA
GlobalLock
SetEvent
lstrcmpiA
InitializeCriticalSection
CreateMutexW
CreateFileA
lstrcpynW
GetSystemTimeAsFileTime
FindResourceW
HeapFree
GetLastError

user32

SendMessageA
GetIconInfo
GetKeyState
GetKeyboardState
GetDlgItem
PeekMessageA
GetWindowTextA
ExitWindowsEx
GetWindowThreadProcessId
OpenWindowStationA
GetMessageA
EndDialog
DrawIcon
ToUnicode
GetClipboardData
CloseDesktop
CloseWindowStation
LoadCursorA

shlwapi

wnsprintfA
SHDeleteKeyA
PathCombineW
PathFindFileNameW
PathRemoveFileSpecW
PathFileExistsW
StrCmpNIA
wvnsprintfW
wnsprintfW
StrCmpNIW
wvnsprintfA
StrStrW
PathMatchSpecW

Sections

.text
Size: 66KB - Virtual size: 65KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy