cmd_payload_x86[.]exe | Triage

Submit
Reports

Overview

overview

1

Static

static

1

cmd_payload_x86.exe

windows7-x64

1

cmd_payload_x86.exe

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

cmd_payload_x86.exe

Resource

win7-20230220-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

cmd_payload_x86.exe

Resource

win10v2004-20230220-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

cmd_payload_x86.exe
Size

8KB
MD5

38074fb427be501d2869c2c532047b08
SHA1

d51639553a8cb53a7db35c096b4a3e97de1ec1c6
SHA256

4c7e46c84520992d28f771d25ed6a4d4ccd902530f5721ee1314d9de48edbd27
SHA512

7fe37a4862ed1d3fd7c508b5c901d799341e69786263ee45ddb8c6e06b46f9167df6b7be2ee430f4e82eb1aa97a50767c670f5cc2bbbc90d3e277d2f6def23f2
SSDEEP

96:16TqIRAJND4abYVrQ90tE5A3klccOSP5sU:VIRaJ4aErP4A3kmcOSP5sU

Score

1^/10

Malware Config

Signatures

Files

cmd_payload_x86.exe
.exe windows x86

2218b2b4b07b84b86ad31ef60f780103

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_stricmp
printf
memset

kernel32

LocalFree
GetProcAddress
CloseHandle
LoadLibraryA
SetConsoleCtrlHandler
GetLastError
OpenProcess
ResumeThread
LocalAlloc
GetCurrentProcess

advapi32

DuplicateTokenEx
AdjustTokenPrivileges
RevertToSelf
ConvertSidToStringSidA
SetTokenInformation
LookupPrivilegeValueA
ImpersonateLoggedOnUser
OpenProcessToken
CreateProcessAsUserW
GetTokenInformation

psapi

EnumProcesses

userenv

DestroyEnvironmentBlock
CreateEnvironmentBlock

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 304B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy