3d17779ce94adc2346892da84eb3ddc55fb09bb6 | Triage

Submit
Reports

Overview

overview

8

Static

static

3d17779ce9...b6.exe

windows7-x64

8

3d17779ce9...b6.exe

windows10-2004-x64

3

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

3d17779ce94adc2346892da84eb3ddc55fb09bb6.exe

Resource

win7-20220812-en

discovery persistence upx

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral2

Sample

3d17779ce94adc2346892da84eb3ddc55fb09bb6.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

3d17779ce94adc2346892da84eb3ddc55fb09bb6
Size

759KB
MD5

28d7161f79dadff2e8ace0d0aa9789ad
SHA1

3d17779ce94adc2346892da84eb3ddc55fb09bb6
SHA256

95f938843aec1d1b3873318929364ff0a67a1bfa96a5ed88881849b7b1e1f00f
SHA512

f44182791a26976dba86d210943aae9f703a1ec8a80b1dc0ba72db9bc309b15ebd30e7e5efee50b42e394b9515ca3565a64f123aa300e59cf7ef4cf572775ec0
SSDEEP

12288:aHuKBIhobFQ9bhIEQ9VperlzQZNewuObmCzvxdKwHxCcCKjGjoJbe9Ziwywfufx7:aHuKf0JQ9Vper2ZNe9ObHzUcCKjGjoJd

Score

N/A

Malware Config

Signatures

Files

3d17779ce94adc2346892da84eb3ddc55fb09bb6
.exe windows x86

0e96e176488a0dcad2cb4773195fe625

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetConsoleTitleA
GetModuleHandleA
VirtualQuery
GetCommandLineA
GetDriveTypeA
HeapCreate
ResetEvent
GetVolumePathNameA
lstrlenA
GetTimeFormatA
CloseHandle
CloseHandle
GetStartupInfoA
DeleteFileW
GetEnvironmentVariableA
GetCommandLineA
HeapDestroy
CreateEventA
TlsGetValue
CancelIo

advapi32

RegEnumKeyA
RegCreateKeyExW
ControlService
IsValidAcl
IsValidSid
CreateProcessAsUserA
ClearEventLogW
CreateServiceW
RegQueryValueW
InitializeSid
IsValidSecurityDescriptor
IsTextUnicode
RegDeleteValueA

resutils

ResUtilGetSzValue
ResUtilGetSzValue
ResUtilGetSzValue
ResUtilGetSzValue

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 754KB - Virtual size: 753KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy