6170cf6b8177798371a0a7281d296bd79584a4c8d4aa2f2643cfa7d1c95b238b | Triage

Submit
Reports

Overview

overview

Static

static

invoice.exe

windows7_x64

invoice.exe

windows10-2004_x64

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

invoice.exe

Resource

win7-20220414-en

nanocore evasion keylogger persistence spyware stealer trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

invoice.exe

Resource

win10v2004-20220414-en

nanocore evasion keylogger persistence spyware stealer trojan

windows10-2004_x64

0 signatures

0 seconds

General

Target

6170cf6b8177798371a0a7281d296bd79584a4c8d4aa2f2643cfa7d1c95b238b
Size

353KB
MD5

a4b3eb5488ccb7d0bd285be1baedda31
SHA1

ed775ebd6ffab54b378f1ddf35ccc4e6c3d7b197
SHA256

6170cf6b8177798371a0a7281d296bd79584a4c8d4aa2f2643cfa7d1c95b238b
SHA512

c2868551251caff3010a8f3cf17e44cb80d7af27a73d68f79083d162e8dafb9ff491eae535234bc3ba22054ee473db69be4e68db0c9af6a4b464aa31ab8f0f0e
SSDEEP

6144:tba93fo2ny21i/H6UwQMs+nzcrkVhj40TVkpj4InJaOmMgrbuppJIZrW:Exu2ifdL+nUq406j4Wa/ZrbuppJEW

Score

N/A

Malware Config

Signatures

Files

6170cf6b8177798371a0a7281d296bd79584a4c8d4aa2f2643cfa7d1c95b238b
.zip
invoice.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

I9 +y
Size: 325KB - Virtual size: 325KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 66KB - Virtual size: 66KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy