PH7MHK[.]exe | Triage

Submit
Reports

Overview

overview

1

Static

static

1

PH7MHK.exe

windows10-2004-x64

1

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

PH7MHK.exe

Resource

win10v2004-20230220-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

PH7MHK.exe
Size

11KB
MD5

7f32e41451d26d57d2a2776f5f33f4c5
SHA1

a1d26672d44498a7ca9557bba5bae01c89cc307f
SHA256

57ebd9e7409034af37b26d96a99e426619f8fcca2647d3cb056e65ea2347ed9a
SHA512

9a98fdc94cec541e10192c578574a062415252b6b9337224db3aadc24fe680b8895dac223995450480e72b0f4cf10e9dbcc7e1c33f5959ed421a485873644d47
SSDEEP

192:LzhYYmn7Y0xKSCt+KDJcLXTLd7pXQLrAhMRTTbwS:LzhYYm7YACt3uLXTZmrFRTXz

Score

1^/10

Malware Config

Signatures

Files

PH7MHK.exe
.exe windows x64

1cc4e6f442a83fd3fd9285cc9091fdf3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

CreateMutexA
WaitForSingleObject
ReleaseMutex
Sleep
GetLastError
SetEvent
lstrcpyA
CloseHandle
CreateThread
ResetEvent
ExitProcess
GetCurrentProcessId
DeleteCriticalSection
CreateEventA
VirtualFree
VirtualAlloc
WaitForMultipleObjects
GetQueuedCompletionStatus
PostQueuedCompletionStatus
CreateIoCompletionPort
EnterCriticalSection
HeapFree
HeapReAlloc
InitializeCriticalSection
LeaveCriticalSection
HeapAlloc
HeapDestroy
HeapCreate
GetComputerNameExA

user32

wsprintfA

advapi32

GetUserNameA
SystemFunction036

ws2_32

inet_addr
select
gethostbyname
closesocket
socket
inet_ntoa
recv
htons
WSACleanup
WSAStartup
send
connect

iphlpapi

GetAdaptersInfo

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 856B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 348B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy