ewin[.]zip | Triage

Submit
Reports

Overview

overview

Static

static

ewin.exe

windows7-x64

ewin.exe

windows10-2004-x64

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

ewin.exe

Resource

win7-20221111-en

windows7-x64

8 signatures

600 seconds

Behavioral task

behavioral2

Sample

ewin.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

10 signatures

600 seconds

General

Target

ewin.zip
Size

31KB
MD5

6d1c7f1f8ed47a771e88118e7a06df50
SHA1

c6c77a39cec317f532e395dbe2ec4d8afe225d54
SHA256

688ea75a94dfdade971e8231d9c83d11e516628f51bca64d490c4fff6bbb73b7
SHA512

6ce7ea594a99ba05a043453ee13e52fa638dc3cf8f090fcc1b9ef3fc2aafbb98f12e42226387c8c9e58637394b447b6a7d2e026ae784113d290a84bf52aa4d60
SSDEEP

768:GkOOEFQwTkttXKshCprBshXsJkMUHzYAGtekrFtDyeasfSR0:FwTktt45WhXs+9TYAWDyelf20

Score

N/A

Malware Config

Signatures

Files

ewin.zip
.zip

Password: infected
ewin.exe
.exe windows x86

1aab3d95a84f07254b335c0034ee35ca

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
lstrcmpW
LoadLibraryA
ExitThread
lstrcatW
WideCharToMultiByte
OpenProcess
GetCurrentProcess
TerminateProcess
GetProcessId
lstrcmpiW
GetModuleHandleA
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
LocalAlloc
lstrlenA

netapi32

NetApiBufferFree
NetShareEnum

rstrtmgr

RmStartSession
RmEndSession
RmRegisterResources
RmGetList

shlwapi

PathFindExtensionW

Sections

.text
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 790B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.CRT
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy