Source: 9Aa8t2BpXw.exe |
Virustotal: Detection: 14% |
Perma Link |
Source: 9Aa8t2BpXw.exe |
ReversingLabs: Detection: 21% |
Source: 9Aa8t2BpXw.exe |
Static PE information: RELOCS_STRIPPED, EXECUTABLE_IMAGE, LINE_NUMS_STRIPPED, LOCAL_SYMS_STRIPPED, 32BIT_MACHINE |
Source: 9Aa8t2BpXw.exe |
Static PE information: Section: .text IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE |
Source: 9Aa8t2BpXw.exe, 00000000.00000000.1632805996.0000000000405000.00000080.00000001.01000000.00000003.sdmp |
Binary or memory string: OriginalFilenamepConfigLanguage.EXEJ vs 9Aa8t2BpXw.exe |
Source: 9Aa8t2BpXw.exe |
Binary or memory string: OriginalFilenamepConfigLanguage.EXEJ vs 9Aa8t2BpXw.exe |
Source: 9Aa8t2BpXw.exe |
Static PE information: RELOCS_STRIPPED, EXECUTABLE_IMAGE, LINE_NUMS_STRIPPED, LOCAL_SYMS_STRIPPED, 32BIT_MACHINE |
Source: classification engine |
Classification label: mal60.winEXE@1/0@0/0 |
Source: C:\Users\user\Desktop\9Aa8t2BpXw.exe |
Key opened: HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers |
Jump to behavior |
Source: 9Aa8t2BpXw.exe |
Virustotal: Detection: 14% |
Source: 9Aa8t2BpXw.exe |
ReversingLabs: Detection: 21% |
Source: C:\Users\user\Desktop\9Aa8t2BpXw.exe |
Section loaded: apphelp.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\9Aa8t2BpXw.exe |
Section loaded: mfc42.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\9Aa8t2BpXw.exe |
Section loaded: textshaping.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\9Aa8t2BpXw.exe |
Section loaded: uxtheme.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\9Aa8t2BpXw.exe |
Section loaded: kernel.appcore.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\9Aa8t2BpXw.exe |
Section loaded: textinputframework.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\9Aa8t2BpXw.exe |
Section loaded: coreuicomponents.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\9Aa8t2BpXw.exe |
Section loaded: coremessaging.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\9Aa8t2BpXw.exe |
Section loaded: ntmarta.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\9Aa8t2BpXw.exe |
Section loaded: wintypes.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\9Aa8t2BpXw.exe |
Section loaded: wintypes.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\9Aa8t2BpXw.exe |
Section loaded: wintypes.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\9Aa8t2BpXw.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\9Aa8t2BpXw.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\9Aa8t2BpXw.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: all processes |
Thread injection, dropped files, key value created, disk infection and DNS query: no activity detected |
Source: all processes |
Thread injection, dropped files, key value created, disk infection and DNS query: no activity detected |