f0bc198f34948933b4a69766504e017c7791dbac93eadf318f39e725c3ecad31 | Triage

Submit
Reports

Overview

overview

1

Static

static

f0bc198f34...31.exe

windows7-x64

1

f0bc198f34...31.exe

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

f0bc198f34948933b4a69766504e017c7791dbac93eadf318f39e725c3ecad31.exe

Resource

win7-20220812-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

f0bc198f34948933b4a69766504e017c7791dbac93eadf318f39e725c3ecad31.exe

Resource

win10v2004-20221111-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

f0bc198f34948933b4a69766504e017c7791dbac93eadf318f39e725c3ecad31
Size

24KB
MD5

52d99e2e5d5072a082c4a07df77ec64d
SHA1

d3b79578019b23e02316493853b58152476f7b0b
SHA256

f0bc198f34948933b4a69766504e017c7791dbac93eadf318f39e725c3ecad31
SHA512

d1ea01059819c13620ff1013cbfc58779389506627ba90285d06bf2e862a34c93a2bcf91c7207e8d98d6195bd09e6b78dd87bd46921c54b44e5c1255655412a4
SSDEEP

192:qkFjk4VDcPCGYibcIq5eW2cPY5ZhsuqK27nsYqro6CSVYf4ILIYEAU8P1oyncf+y:ZFjkyDlB3IZW2cA5j27nP6JOH11Co8J

Score

N/A

Malware Config

Signatures

Files

f0bc198f34948933b4a69766504e017c7791dbac93eadf318f39e725c3ecad31
.exe windows x86

799a481c4587f705219ae2e3885e1a8d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WideCharToMultiByte
GetLastError
GetCurrentProcess
TerminateProcess
OpenProcess
CreatePipe
FindNextFileA
FindFirstFileA
GetLogicalDriveStringsA
CreateProcessA
GetStartupInfoA
GetModuleHandleA
CloseHandle
WriteFile
PeekNamedPipe
Sleep
FindClose
ReadFile

user32

EnumWindows
GetWindowTextA
GetWindowThreadProcessId

advapi32

RegOpenKeyExA
RegQueryValueExA
RegCloseKey
LookupPrivilegeValueA
OpenProcessToken
AdjustTokenPrivileges

msvcrt

_stricmp
realloc
free
atol
isdigit
malloc
sprintf
calloc
strncmp
atoi
fwrite
fread
fclose
ftell
fseek
fopen
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
_strlwr

ws2_32

inet_addr
htons
WSAStartup
inet_ntoa
connect
setsockopt
socket
select
gethostname
closesocket
recv
send
gethostbyname

Sections

.text
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy