6ef6a349063807b2743be05f62b0355a9965f95575b5125be47791cb2a61bcb5 | Triage

Submit
Reports

Overview

overview

7

Static

static

6ef6a34906...b5.exe

windows7-x64

7

6ef6a34906...b5.exe

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

6ef6a349063807b2743be05f62b0355a9965f95575b5125be47791cb2a61bcb5.exe

Resource

win7-20221111-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral2

Sample

6ef6a349063807b2743be05f62b0355a9965f95575b5125be47791cb2a61bcb5.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

6ef6a349063807b2743be05f62b0355a9965f95575b5125be47791cb2a61bcb5
Size

37KB
MD5

1045443dae062b3ee270b76acfcbd760
SHA1

adba197be43e20cd45b1df7148dc8bc92b541f89
SHA256

6ef6a349063807b2743be05f62b0355a9965f95575b5125be47791cb2a61bcb5
SHA512

0e0f05c06fc7f54ffb84b24a1bdd9a5dce1016bc40390d2ebb3c5d802ef1a0eb1e90a710c25bf68a38e36f585ff0c84fa69b7fa3dc45c034022cbe9d5e66e36f
SSDEEP

768:TWpSyNFIhok5I0A4Ce9NifIL4DRd4/fLI0Yr7Jz+5v39FYBB9GXDSM2EHIW:ISy3Ge0A4Ce9Rqxnr7JzGvtUODSMpHIW

Score

N/A

Malware Config

Signatures

Files

6ef6a349063807b2743be05f62b0355a9965f95575b5125be47791cb2a61bcb5
.exe windows x86

8a71d90964cfaa2b6ed7a385eaf97dda

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeleteFileA
WinExec
lstrlenA
lstrcatA
GetProcAddress
GetModuleHandleA
GetEnvironmentVariableA
IsBadReadPtr
OpenProcess
Process32Next
Process32First
CreateToolhelp32Snapshot
GetCurrentProcess
Sleep
GetFullPathNameA
CopyFileA
lstrcpyA
DeleteFileW
ExpandEnvironmentStringsA
LoadLibraryA
lstrlenW
VirtualFreeEx
CreateDirectoryA
GetSystemDirectoryA
lstrcpyW
lstrcatW
MultiByteToWideChar
GetVersionExA
GetModuleFileNameA
CreateFileMappingA
MapViewOfFile
SetLastError
UnmapViewOfFile
GetFileSize
SetFilePointer
ReadFile
LocalAlloc
CloseHandle
LocalFree
VirtualFree
VirtualAlloc

user32

CharUpperA
MessageBoxA

advapi32

RegSetValueExA
RegCloseKey
RegDeleteKeyA
RegCreateKeyA

imagehlp

CheckSumMappedFile

ntdll

NtSetSystemInformation
RtlInitUnicodeString
NtCreateFile
ZwLoadDriver
NtDeleteFile
RtlUnwind

psapi

EnumProcessModules
GetModuleBaseNameA

Sections

.text
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy