9f863fcb9ff3915da7434dd92f672141ba8cc8b4f34c9bb8e2082ea4a07cee5e | Triage

Submit
Reports

Overview

overview

Static

static

9f863fcb9f...5e.exe

windows7-x64

3

9f863fcb9f...5e.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

9f863fcb9ff3915da7434dd92f672141ba8cc8b4f34c9bb8e2082ea4a07cee5e.exe

Resource

win7-20220901-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral2

Sample

9f863fcb9ff3915da7434dd92f672141ba8cc8b4f34c9bb8e2082ea4a07cee5e.exe

Resource

win10v2004-20220901-en

windows10-2004-x64

5 signatures

150 seconds

General

Target

9f863fcb9ff3915da7434dd92f672141ba8cc8b4f34c9bb8e2082ea4a07cee5e
Size

194KB
MD5

5f5c468a49a4a81d7b585b15ac6e7e3a
SHA1

61102158a231b3d77f6a4de972e4c59871391f73
SHA256

9f863fcb9ff3915da7434dd92f672141ba8cc8b4f34c9bb8e2082ea4a07cee5e
SHA512

6b3ad16a22c6411dbbb09d7db330d380d1e8970affac9ce2e1366e215e1f1116e5a80b50893460172c7adeedc78f1722e12658ea05b9cbd196701ec54b4fa5d2
SSDEEP

6144:wJcAOd4P7SD/bifIbT0VX7kS3WFa+UNnLM3:wJHOdyM/bMI8VX6a+U1M3

Score

N/A

Malware Config

Signatures

Files

9f863fcb9ff3915da7434dd92f672141ba8cc8b4f34c9bb8e2082ea4a07cee5e
.exe windows x86

b52756b21734f45f282a2fa34adfbfee

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

EndDialog
SendMessageA
GetWindowTextA
GetKeyboardState
FindWindowExA
GetKeyState
GetIconInfo
OpenDesktopA
ExitWindowsEx
GetClassNameA
MsgWaitForMultipleObjects
GetDlgItem
GetMessageA

advapi32

RegCloseKey
RegQueryValueExA
CryptAcquireContextW
CryptReleaseContext
RegSetValueExA
CryptHashData
CryptGetHashParam
GetUserNameW
CryptDestroyHash
RegEnumKeyExA
DuplicateTokenEx

kernel32

GetFileAttributesA
MulDiv
HeapAlloc
HeapReAlloc
VirtualAlloc
VirtualProtect
CloseHandle
GetVersionExW
GetCommandLineA
GlobalLock
GetTickCount
WideCharToMultiByte
GetSystemTimeAsFileTime
lstrcpynW
LoadLibraryA
LeaveCriticalSection
FindFirstFileW
GetProcAddress
ResetEvent
lstrcmpiA
FindClose

shlwapi

wnsprintfW
StrStrW
PathCombineW
wvnsprintfW
SHDeleteKeyA
PathFindFileNameW
StrCmpNIA
wvnsprintfA
PathMatchSpecW
PathFileExistsW
StrCmpNIW
PathRemoveFileSpecW

Sections

.text
Size: 63KB - Virtual size: 63KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy