update2[.]exe | Triage

Resubmissions

28-12-2022 20:37

221228-zea5taef5v 10

13-07-2021 12:27

210713-cvc55ag4yn 10

25-02-2021 06:56

210225-dwftz9jkjn 10

04-11-2019 11:15

191104-athqk1tjxn 10

Sharing

Copy URL

Twitter E-mail

General

Target

update2.exe
Size

746KB
MD5

0bfb4a1efbb20a7291fcc022dec7d58b
SHA1

faec2a0afe296224f980ac059cf63f18eba800ce
SHA256

73ae67036a0d291c18208037010de359520cd613dda2f9eabfde3fec5558324f
SHA512

eae0e585ef29f56f27da897783ec582b228124437a6355cfd7b56be229558913dfd87d3005482c0fe54ba8f5e79fb1d50f869bd0e619b0ca7318ac055c62b425
SSDEEP

12288:dhhWltABHdeQEWngq+75M0m4Y3QxKmjKIiRCFhnquQI80BvaFViHM8:dhhQA5d4VMB4YQoiHnM0F

Score

N/A

Malware Config

Signatures

Files

update2.exe
.exe windows x86

22c2ff64096c42a39a38f0001c532f9d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

InitiateSystemShutdownA

pdh

PdhOpenLogW

user32

CreateAcceleratorTableA

kernel32

CompareStringW
CompareStringA
GetTimeZoneInformation
GetLocaleInfoW
GetModuleHandleW
GetModuleHandleA
GetProcAddress
LoadLibraryA
InterlockedIncrement
GetModuleFileNameW
GetLastError
VirtualQuery
GetSystemInfo
GetCommandLineA
GetVersionExA
DeleteFileA
SetUnhandledExceptionFilter
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetStartupInfoA
DeleteCriticalSection
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
InterlockedDecrement
GetCurrentThreadId
GetCurrentThread
HeapDestroy
HeapCreate
VirtualFree
HeapFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LeaveCriticalSection
FatalAppExitA
EnterCriticalSection
OutputDebugStringA
SetConsoleCtrlHandler
FreeLibrary
InterlockedExchange
LoadLibraryExA
InitializeCriticalSection
HeapAlloc
GetCPInfo
GetACP
GetOEMCP
Sleep
VirtualAlloc
HeapReAlloc
RtlUnwind
UnhandledExceptionFilter
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
TerminateProcess
GetCurrentProcess
VirtualProtect
SetEnvironmentVariableA

rpcrt4

RpcServerRegisterIf2

Sections

.text
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 435KB - Virtual size: 434KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 31KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt
Size: 180KB - Virtual size: 179KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Resubmissions

Sharing

General

Malware Config

Signatures

Files

22c2ff64096c42a39a38f0001c532f9d

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

pdh

user32

kernel32

rpcrt4

Sections

.text Size: 72KB - Virtual size: 72KB

.rdata Size: 435KB - Virtual size: 434KB

.data Size: 31KB - Virtual size: 46KB

.crt Size: 180KB - Virtual size: 179KB

.rsrc Size: 27KB - Virtual size: 26KB

.text
Size: 72KB - Virtual size: 72KB

.rdata
Size: 435KB - Virtual size: 434KB

.data
Size: 31KB - Virtual size: 46KB

.crt
Size: 180KB - Virtual size: 179KB

.rsrc
Size: 27KB - Virtual size: 26KB