d96db930c1984bfa82e3cd1844fc227c08bbeb96 | Triage

Submit
Reports

Overview

overview

8

Static

static

d96db930c1...96.exe

windows7-x64

8

d96db930c1...96.exe

windows10-2004-x64

3

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

d96db930c1984bfa82e3cd1844fc227c08bbeb96.exe

Resource

win7-20221111-en

discovery persistence upx

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral2

Sample

d96db930c1984bfa82e3cd1844fc227c08bbeb96.exe

Resource

win10v2004-20221111-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

d96db930c1984bfa82e3cd1844fc227c08bbeb96
Size

770KB
MD5

555421a36520ed23fa2f6b51e9841e0e
SHA1

d96db930c1984bfa82e3cd1844fc227c08bbeb96
SHA256

5c4451e32ab7a2e2ab4c040f414b05b829d536ba72099db09199d5aa9af89a38
SHA512

52b3b8036cc4821f66bddc470cf5f1bae2747080f31c9ecc48d6306f5fe69aa213bd34a4932a7f38afe5b177751b5427277b31d6c60b6d5999bf710d14606b9e
SSDEEP

12288:BdH1YYHO8IzsEXCa6of3zoHBDNW8n4vhKf2elbEI7mMYpza8GsPw9jfoOo7:3H1FVIV6ovzoH3m5i7mde8GsYBfoh

Score

N/A

Malware Config

Signatures

Files

d96db930c1984bfa82e3cd1844fc227c08bbeb96
.exe windows x86

92dd53284057f9278248deb85632d249

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateEventA
OpenMutexA
GetTimeFormatA
HeapCreate
GetStartupInfoA
SuspendThread
SetConsoleCP
CloseHandle
GetTickCount
DeleteFileA
Sleep
CloseHandle
GetModuleHandleA
ReleaseMutex
SetEvent
GetModuleFileNameW
LocalFlags
VirtualQuery
lstrlenW
GetCommandLineA

advapi32

RegCreateKeyExW
RegDeleteValueA
CreateServiceW
InitializeSid
CreateProcessAsUserA
RegEnumKeyA
IsValidSecurityDescriptor
ControlService
IsTextUnicode
RegQueryValueW
IsValidAcl
IsValidSid
ClearEventLogW

msvcirt

??0Iostream_init@@QAE@XZ
??0Iostream_init@@QAE@XZ
??0Iostream_init@@QAE@XZ
??0Iostream_init@@QAE@XZ

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 763KB - Virtual size: 763KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy