112626c80723081de153623493adad8068d5b27497edf13dab5ed905bc3368e8 | Triage

Submit
Reports

Overview

overview

Static

static

112626c807...e8.exe

windows7_x64

112626c807...e8.exe

windows10-2004_x64

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

112626c80723081de153623493adad8068d5b27497edf13dab5ed905bc3368e8.exe

Resource

win7-20220414-en

metasploit backdoor persistence suricata trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

112626c80723081de153623493adad8068d5b27497edf13dab5ed905bc3368e8.exe

Resource

win10v2004-20220414-en

metasploit backdoor persistence suricata trojan

windows10-2004_x64

0 signatures

0 seconds

General

Target

112626c80723081de153623493adad8068d5b27497edf13dab5ed905bc3368e8
Size

48KB
MD5

3a59d45ff99888ef3eda7595c10e295a
SHA1

2e41ca17e9549244d314fd287aeb159748d261f7
SHA256

112626c80723081de153623493adad8068d5b27497edf13dab5ed905bc3368e8
SHA512

890fb4cc5c73b84f52a2b3f1fc125200a5e1eee4aec39739814e923ad53f7c5397d0655a30a87d3b990482fae27930389d9663d9121e7b2008bd691ee8f18d92
SSDEEP

768:aFsBFtxm9nl4Cvry6C0n7mbjdzP5bOmGRH3yIil99l7F7sEIDwl3DwoDwo:CsBFts7m6C6C3dzB83F8gEIDW3DZDZ

Score

N/A

Malware Config

Signatures

Files

112626c80723081de153623493adad8068d5b27497edf13dab5ed905bc3368e8
.exe windows x86

f781fa69ff30477e32b88df4bb3f7198

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteProcessMemory
WaitNamedPipeA
MoveFileExW
GetVolumeNameForVolumeMountPointA
FreeConsole
IsDebuggerPresent
VirtualFree
GetThreadContext
VirtualAllocEx
GetStdHandle
GetLocalTime
DisableThreadLibraryCalls
LZStart
CancelWaitableTimer

odbc32

SQLCancel

crypt32

CertFreeCRLContext

dhcpcsvc

DhcpUndoRequestParams

user32

SetLayeredWindowAttributes
LoadKeyboardLayoutA
SetThreadDesktop
RegisterLogonProcess
InsertMenuItemA
DestroyMenu
EnableWindow
GetWindow
GetGUIThreadInfo
IsCharAlphaNumericA
SetWindowPlacement
DlgDirListComboBoxW
CreateWindowExA

advapi32

GetAce
AddAce

authz

AuthzOpenObjectAudit

Sections

.text
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 326KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 640B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 872B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy