12e4688aa354c6ca82e0e2e5bd2d5adf70af1a2d28c7adae81cdff7af740acaa | Triage

Submit
Reports

Overview

overview

5

Static

static

1

12e4688aa3...aa.exe

windows7-x64

5

12e4688aa3...aa.exe

windows10-2004-x64

5

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

12e4688aa354c6ca82e0e2e5bd2d5adf70af1a2d28c7adae81cdff7af740acaa.exe

Resource

win7-20220812-en

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

12e4688aa354c6ca82e0e2e5bd2d5adf70af1a2d28c7adae81cdff7af740acaa.exe

Resource

win10v2004-20221111-en

windows10-2004-x64

4 signatures

150 seconds

General

Target

12e4688aa354c6ca82e0e2e5bd2d5adf70af1a2d28c7adae81cdff7af740acaa
Size

409KB
MD5

bbdb414bcca234c72a3718895240a0f2
SHA1

f2f0ef2295e0d23b004a7b6efcfc51b2dbd2bd33
SHA256

12e4688aa354c6ca82e0e2e5bd2d5adf70af1a2d28c7adae81cdff7af740acaa
SHA512

7230897b253794968cefc41e57ce0170b298ce45143b028477766944057b748a168a947bd37065e3d884250199fd71482cc72f12af234dbd1b411a4bf1b7a6f3
SSDEEP

12288:H2JqnIO05081AU/0yxOOTnO1OzEl6vBvyTYc:WQIOcP6yxOOTBE8Bu

Score

1^/10

Malware Config

Signatures

Files

12e4688aa354c6ca82e0e2e5bd2d5adf70af1a2d28c7adae81cdff7af740acaa
.exe windows x64

5d5ba55403e937caf3078fdcd0e9c643

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

wsock32

gethostbyname

version

VerQueryValueW

winmm

timeGetTime

comctl32

ImageList_Remove

mpr

WNetGetConnectionW

wininet

FtpOpenFileW

psapi

GetProcessMemoryInfo

iphlpapi

IcmpSendEcho

userenv

LoadUserProfileW

uxtheme

IsThemeActive

user32

GetDC

gdi32

LineTo

comdlg32

GetSaveFileNameW

advapi32

GetAce

shell32

DragFinish

ole32

CoGetObject

oleaut32

VariantChangeType

Sections

.MPRESS1
Size: 378KB - Virtual size: 1.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2024

Terms | Privacy