d99321a0a84b12e50c48e796c134b78afb391ba7c0e9082e887943d1ad26dc41 | Triage

Submit
Reports

Overview

overview

8

Static

static

d99321a0a8...41.exe

windows7-x64

8

d99321a0a8...41.exe

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

d99321a0a84b12e50c48e796c134b78afb391ba7c0e9082e887943d1ad26dc41.exe

Resource

win7-20220812-en

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

d99321a0a84b12e50c48e796c134b78afb391ba7c0e9082e887943d1ad26dc41.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

d99321a0a84b12e50c48e796c134b78afb391ba7c0e9082e887943d1ad26dc41
Size

308KB
MD5

0791fb45e73cbdb01058b875ad326680
SHA1

9c9b2734106c4527e4873224f6634ed8c5c5b14f
SHA256

d99321a0a84b12e50c48e796c134b78afb391ba7c0e9082e887943d1ad26dc41
SHA512

3c803b193629559ae7887986b9584c34c91048894bff3b0f20c13d7ff10b43e05a8c450a4d8ef347e117a5c3d84ee5ced75759d220037c14cb69b93c5a284eeb
SSDEEP

6144:LZ4X5hhZhOEGXAky+R0GsTNIfWaNLaz+TgcEnjIJZjBymyQ:E5hxO3uI0GiEI6TBEjIJpBFyQ

Score

N/A

Malware Config

Signatures

Files

d99321a0a84b12e50c48e796c134b78afb391ba7c0e9082e887943d1ad26dc41
.exe windows x86

c4ce60433ea4aadcfbb2c6758fffe8aa

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStringTypeW
lstrcpyW
GetLongPathNameA
Sleep
InterlockedDecrement
GetDiskFreeSpaceW
lstrcmpA
GetPrivateProfileSectionA
InterlockedIncrement
GetCurrentDirectoryA
GetExitCodeProcess
GetDiskFreeSpaceW
WaitForSingleObject
SetEnvironmentVariableA
Heap32First
ReadFileEx
GetPrivateProfileIntA
FindResourceW
GetPrivateProfileIntA
LoadLibraryA
HeapCreate
GetModuleHandleW
GetLogicalDrives

apphelp

SdbCreateMsiTransformFile
AllowPermLayer
ApphelpCheckIME
ApphelpCheckExe

clbcatq

ComPlusMigrate
ComPlusMigrate
CheckMemoryGates
CheckMemoryGates
SetSetupSave
SetSetupSave
DllGetClassObject
SetupOpen
SetupOpen
DllGetClassObject
CheckMemoryGates
ComPlusMigrate
SetupOpen

version

VerFindFileA

Sections

.text
Size: 1024B - Virtual size: 928B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

rsrc
Size: 304KB - Virtual size: 308KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy