97a6a6a79ec66e535f32fdd91955c17c5e1ff6c7be1d7a7bf39784601e3bfe2d | Triage

Submit
Reports

Overview

overview

1

Static

static

97a6a6a79e...2d.exe

windows7-x64

1

97a6a6a79e...2d.exe

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

97a6a6a79ec66e535f32fdd91955c17c5e1ff6c7be1d7a7bf39784601e3bfe2d.exe

Resource

win7-20221111-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

97a6a6a79ec66e535f32fdd91955c17c5e1ff6c7be1d7a7bf39784601e3bfe2d.exe

Resource

win10v2004-20221111-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

97a6a6a79ec66e535f32fdd91955c17c5e1ff6c7be1d7a7bf39784601e3bfe2d
Size

5KB
MD5

fa287a2b51170317148ae9507418efdb
SHA1

d3d3ca62bd7abefb5d8a43acdb2017cbf9a03d93
SHA256

97a6a6a79ec66e535f32fdd91955c17c5e1ff6c7be1d7a7bf39784601e3bfe2d
SHA512

ac3769a88601e2595735ed9d8b418ec10a327b0cc2845e6e83b96a9abaf4869bb63016b95a1f54821b26db8eba50f1ac51667ccba5076aaa7cddb67b412e40dc
SSDEEP

96:xffZkpRoHz6RVFDcB3nUjY+3UEkYKbAiiogEIVFOia:F0RYmRVyBk3QYGjgHXPa

Score

N/A

Malware Config

Signatures

Files

97a6a6a79ec66e535f32fdd91955c17c5e1ff6c7be1d7a7bf39784601e3bfe2d
.exe windows x86

c1910a93e3d14f0ab82e4fe7dbe5ca81

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_REMOVABLE_RUN_FROM_SWAP

Imports

shlwapi

SHRegGetValueA
PathCombineA
PathRenameExtensionA
PathFileExistsA
PathIsDirectoryA

netapi32

NetApiBufferFree
NetUserGetInfo
NetLocalGroupAddMembers
NetUserSetInfo
NetUserAdd

kernel32

lstrcpyA
DeleteFileA
CloseHandle
GetVersionExA
ExitProcess
CreateFileA
lstrcmpA
lstrlenA
MapViewOfFile
UnmapViewOfFile
MoveFileExA
Sleep
GetFileAttributesA
FlushFileBuffers
CreateFileMappingA
SetFileAttributesA
CopyFileA

user32

ExitWindowsEx

advapi32

RegCloseKey
AdjustTokenPrivileges
RegCreateKeyExA
LookupPrivilegeValueA
RegSetValueExA
OpenProcessToken

shell32

SHGetSpecialFolderPathA

ole32

CoUninitialize
CoInitializeEx
CoCreateInstance

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy