5ff46bca8d033a58673c281fa26b7158c1d11ba6eca99a1553e2651fbb0256f0 | Triage

Submit
Reports

Overview

overview

Static

static

5ff46bca8d...f0.exe

windows7-x64

5ff46bca8d...f0.exe

windows10-2004-x64

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

5ff46bca8d033a58673c281fa26b7158c1d11ba6eca99a1553e2651fbb0256f0.exe

Resource

win7-20220715-en

tofsee evasion persistence trojan

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

5ff46bca8d033a58673c281fa26b7158c1d11ba6eca99a1553e2651fbb0256f0.exe

Resource

win10v2004-20220721-en

tofsee evasion persistence trojan

windows10-2004-x64

13 signatures

150 seconds

General

Target

5ff46bca8d033a58673c281fa26b7158c1d11ba6eca99a1553e2651fbb0256f0
Size

150KB
MD5

0c3e9598600bccf1d8b874bdda869bca
SHA1

aeb7cd8f3f96fc4113fed76d86fa2434f2069e5e
SHA256

5ff46bca8d033a58673c281fa26b7158c1d11ba6eca99a1553e2651fbb0256f0
SHA512

6a47074a26686433edd0ebdc0573fb3541328cecc2f87421c49bf2c0a5087e36ce3a9f7d3438c37229f9b182f31e3509cd5e3c4941583a946ea777cb5909fb31
SSDEEP

3072:EDlYHU8GeZDWDzTsDcCDTC1lqW5DDN+DoLfNLm2nDDa+D3JDRrD6FNDNAn0/DDtI:EDlYHU8GeZDWDzTsDcCDTC1lqW5DDN+0

Score

N/A

Malware Config

Signatures

Files

5ff46bca8d033a58673c281fa26b7158c1d11ba6eca99a1553e2651fbb0256f0
.exe windows x86

ac37ba5f98b5406863c64402d9ce30ff

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

cfgmgr32

CM_Add_Empty_Log_Conf
CMP_Init_Detection
CMP_Report_LogOn
CM_Add_Range

comsvcs

CoCreateActivity
RecycleSurrogate
CoLoadServices
CoEnterServiceDomain
SafeRef

kernel32

GetOEMCP
FindNextFileW
WaitForSingleObject
CreateMutexW
CreateFileW
CreateWaitableTimerW
GetPrivateProfileStringW
DefineDosDeviceA
CreateFileMappingA
FormatMessageW
TlsGetValue
lstrlenA
LoadLibraryExW
OpenFileMappingA
LoadLibraryA
GetProcAddress
CreateProcessW
OpenSemaphoreA
GetVolumePathNameW
GetLogicalDriveStringsA
CreateEventA

Sections

.text
Size: 69KB - Virtual size: 68KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 68KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2024

Terms | Privacy