ce9f35e2d7c5b41de9740d7e3de1740cc5f0d9cfe4be5df7d4496dfb11eeed50 | Triage

Submit
Reports

Overview

overview

8

Static

static

ce9f35e2d7...50.exe

windows7-x64

8

ce9f35e2d7...50.exe

windows10-2004-x64

1

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

ce9f35e2d7c5b41de9740d7e3de1740cc5f0d9cfe4be5df7d4496dfb11eeed50.exe

Resource

win7-20220901-en

persistence upx

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

ce9f35e2d7c5b41de9740d7e3de1740cc5f0d9cfe4be5df7d4496dfb11eeed50.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

ce9f35e2d7c5b41de9740d7e3de1740cc5f0d9cfe4be5df7d4496dfb11eeed50
Size

310KB
MD5

405f551fe4e98808e64a93379f531024
SHA1

6688d18f13d542ac04b301832a6c77c3fbfe2c70
SHA256

ce9f35e2d7c5b41de9740d7e3de1740cc5f0d9cfe4be5df7d4496dfb11eeed50
SHA512

336e4ecf754273d90092e534d770a97ca7292239b08c3d9a24aedbb88fae4a2116b57dce470564fef56c8155391ebffc48681b637057a0531bb9a1306e7f293e
SSDEEP

6144:/lT4RgdWWEyKaIUhu71Wk/u8QN/rAL01a9mM6WAUep5UauhNehxO:tTp1EbUQRWkW9N/rAIEwMjDQUaNi

Score

N/A

Malware Config

Signatures

Files

ce9f35e2d7c5b41de9740d7e3de1740cc5f0d9cfe4be5df7d4496dfb11eeed50
.exe windows x86

fb21191f121ca72f3cb2db99bd151305

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualProtect
EnterCriticalSection
GlobalAddAtomA
SetConsoleOutputCP
GetLastError
GetLocaleInfoA
LockResource
CloseHandle
GetDriveTypeA
GetACP
GlobalFree
HeapCreate
Sleep
LoadLibraryExA
SetErrorMode
InterlockedExchange
RaiseException
GlobalDeleteAtom
GlobalUnlock
GetStdHandle
FileTimeToLocalFileTime

user32

ShowWindow
SetForegroundWindow
ClipCursor
GetParent
OemToCharW
ReleaseDC
GetCursorPos
GetWindow
ValidateRect
GetMenuItemInfoA
GetClassNameA
DrawTextA
GetFocus
EndPaint
DrawEdge
GetWindowTextA
IsIconic
GetActiveWindow
BeginPaint

wtsapi32

WTSFreeMemory
WTSOpenServerA
WTSLogoffSession
WTSQueryUserToken
WTSCloseServer

netapi32

DsRoleCancel

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 696KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy