20ae5d6792558b37e3533d50bf128d50b486a1f9d6de32e8ea49e265e6730f82 | Triage

Submit
Reports

Overview

overview

Static

static

20ae5d6792...82.exe

windows7-x64

20ae5d6792...82.exe

windows10-2004-x64

3

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

20ae5d6792558b37e3533d50bf128d50b486a1f9d6de32e8ea49e265e6730f82.exe

Resource

win7-20220812-en

evasion persistence trojan

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

20ae5d6792558b37e3533d50bf128d50b486a1f9d6de32e8ea49e265e6730f82.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

20ae5d6792558b37e3533d50bf128d50b486a1f9d6de32e8ea49e265e6730f82
Size

492KB
MD5

3fe4c0a948f564305aa1b148551fd47d
SHA1

d11ecdf8aaea468cfd884a3d4c56d852787061e7
SHA256

20ae5d6792558b37e3533d50bf128d50b486a1f9d6de32e8ea49e265e6730f82
SHA512

160b82603f6bfa1e859df60c6a961a6292598e379cd8dadacb571c25be21a72e2738ff4b0b172cd1df6ce65fb904fe4ed295c18ed68d3272bd5db73f19804318
SSDEEP

6144:TyuiKPMmDm73Sf5wvcYm2sQ2xKYvjdBEHMm7DOe9HRGR4EFktwOmCJEuGG0:WrKPMmb5wh1sQE9jjE6JeEkWG

Score

N/A

Malware Config

Signatures

Files

20ae5d6792558b37e3533d50bf128d50b486a1f9d6de32e8ea49e265e6730f82
.exe windows x86

a935f546c90b0e5b5e94e0356d0226e4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetLastError
CreateMailslotA
SuspendThread
ReadFile
FindAtomA
GetPrivateProfileStringW
EnumCalendarInfoW
GetModuleHandleA
GetPriorityClass
HeapDestroy
FindClose
EnterCriticalSection
GlobalFree
HeapCreate
GetProcessTimes
GetModuleFileNameA
GetCurrentProcessId
GetCurrentThreadId
GetFileAttributesA
LocalFree

user32

CallWindowProcW
GetClassInfoA
IsWindow
GetKeyboardType
SetFocus
GetWindowLongA
GetKeyState
DrawTextW
GetClientRect
DispatchMessageA
GetSysColor
DispatchMessageA
GetWindowInfo

devenum

DllGetClassObject
DllGetClassObject
DllGetClassObject
DllGetClassObject
DllGetClassObject

desk.cpl

DeskSetCurrentScheme

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 368KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 482KB - Virtual size: 482KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy