23e4f36a53a03c4b9bc31c8bb8a6eb2a9647ec8b2ba5b4d8dccf4f80b6ff9abe | Triage

Submit
Reports

Overview

overview

Static

static

23e4f36a53...be.exe

windows7_x64

23e4f36a53...be.exe

windows10-2004_x64

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

23e4f36a53a03c4b9bc31c8bb8a6eb2a9647ec8b2ba5b4d8dccf4f80b6ff9abe.exe

Resource

win7-20220414-en

tofsee evasion persistence trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

23e4f36a53a03c4b9bc31c8bb8a6eb2a9647ec8b2ba5b4d8dccf4f80b6ff9abe.exe

Resource

win10v2004-20220414-en

tofsee evasion persistence trojan

windows10-2004_x64

0 signatures

0 seconds

General

Target

23e4f36a53a03c4b9bc31c8bb8a6eb2a9647ec8b2ba5b4d8dccf4f80b6ff9abe
Size

98KB
MD5

e7108d1c5bbdb323e604f85f9293c3bb
SHA1

ed59cb4f3d4ce8e98e638954e610f57d036cbf5e
SHA256

23e4f36a53a03c4b9bc31c8bb8a6eb2a9647ec8b2ba5b4d8dccf4f80b6ff9abe
SHA512

1fd5f4d92e940d2db3003b77668e5cc5227e9c4b43ef2baaf882157876337d47bb964e8eefa37db1d20dd9c712f508e8ab015d73bd7932c8b86a494f1d8f54e9
SSDEEP

3072:Rho9frPMBPvW/NpkplscU+c8Q5085fRcSYUt0zR:gzUnWHkpU+c55F5cSYUt0

Score

N/A

Malware Config

Signatures

Files

23e4f36a53a03c4b9bc31c8bb8a6eb2a9647ec8b2ba5b4d8dccf4f80b6ff9abe
.exe windows x86

5b074e8e61ac028b22bd0edea654d1eb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapReAlloc
LoadLibraryW
WaitForSingleObject
LoadLibraryA
CreateFileMappingW
TlsSetValue
GetShortPathNameA
FreeConsole
WriteFile
AddAtomA
CreateMailslotA
EncodePointer
VirtualAlloc
OpenFileMappingW
GetTickCount

cryptdll

MD5Update
MD5Final

ctl3d32

Ctl3dCtlColor
Ctl3dRegister

Sections

.text
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.pdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.udata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.relo
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy