c331c9e57e7cb51e0a9eed6a4cfc9a710ef4abe84e565ffbcf29a59e8a27b681 | Triage

Submit
Reports

Overview

overview

8

Static

static

c331c9e57e...81.exe

windows7-x64

8

c331c9e57e...81.exe

windows10-2004-x64

8

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

c331c9e57e7cb51e0a9eed6a4cfc9a710ef4abe84e565ffbcf29a59e8a27b681.exe

Resource

win7-20220812-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral2

Sample

c331c9e57e7cb51e0a9eed6a4cfc9a710ef4abe84e565ffbcf29a59e8a27b681.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

2 signatures

150 seconds

General

Target

c331c9e57e7cb51e0a9eed6a4cfc9a710ef4abe84e565ffbcf29a59e8a27b681
Size

821KB
MD5

56ded25d9ceeb1f334b22b493a77e10c
SHA1

4a1ee6d3a624ae6a3035053c42a7637d48d6a6f8
SHA256

c331c9e57e7cb51e0a9eed6a4cfc9a710ef4abe84e565ffbcf29a59e8a27b681
SHA512

ef7ced5a2824af0625b147c3ae0694e87901e89baa91424e6aa4ef749fdc5338bb5770ba426204805e3ef0c8103d5b4e0db6ac955f17174d0d26387dcebedc5f
SSDEEP

24576:Xk6o2w1nen4G4n7k7vCRvNpAtjp1Tn52TMx6:Xro2wde4H7kDC5NpAtj31x

Score

N/A

Malware Config

Signatures

Files

c331c9e57e7cb51e0a9eed6a4cfc9a710ef4abe84e565ffbcf29a59e8a27b681
.exe windows x86

61dc89aab6ac2c95cee7a9473226e600

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

ntshrui

IsPathSharedW
IsPathSharedA
IsFolderPrivateForUser
GetNetResourceFromLocalPathA
GetLocalPathFromNetResourceA

dsprop

MsgBox
ErrMsg
CheckADsError
FindSheet

shell32

SHGetDesktopFolder
DuplicateIcon
DragFinish
ExtractIconA
ShellMessageBoxA
DllUnregisterServer
SHGetFileInfoA
DragAcceptFiles
DragQueryFileA
DragQueryPoint
SHFree

msctf

TF_CreateThreadMgr
TF_UninitSystem
TF_InitSystem
TF_GetInputScope
TF_CreateLangBarMgr

wtsapi32

WTSOpenServerA
WTSVirtualChannelRead
WTSSendMessageA
WTSVirtualChannelClose
WTSQueryUserConfigA
WTSWaitSystemEvent
WTSQueryUserToken

kernel32

QueryDosDeviceA
CreateEventA
SetFileAttributesA
GetModuleFileNameA
FindResourceA
DecodeSystemPointer
VirtualProtectEx
GetProcAddress
VirtualQueryEx
LoadLibraryA
CreateMutexA

Sections

.text
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 806KB - Virtual size: 2.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2024

Terms | Privacy