30db689efbddc499e2c8a32743a2b06a4a85599dcf5934940d6e39cf82cf1ecd | Triage

Submit
Reports

Overview

overview

Static

static

30db689efb...cd.exe

windows7-x64

30db689efb...cd.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

30db689efbddc499e2c8a32743a2b06a4a85599dcf5934940d6e39cf82cf1ecd.exe

Resource

win7-20220812-en

evasion persistence trojan

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

30db689efbddc499e2c8a32743a2b06a4a85599dcf5934940d6e39cf82cf1ecd.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

30db689efbddc499e2c8a32743a2b06a4a85599dcf5934940d6e39cf82cf1ecd
Size

482KB
MD5

ed5c55c7ff95d0d8c07d63a5725d2c42
SHA1

258e5d17623a33506908b3b85a23c5cf54cc34f4
SHA256

30db689efbddc499e2c8a32743a2b06a4a85599dcf5934940d6e39cf82cf1ecd
SHA512

ccdda475f858869f62357f39fbd31fb36cded5f86631b74879f4fe3c42ee7a9bfe4bfd8210aa14b47432225d0415ad4337bdf39d0a08eaf0c9c9de218ba616b8
SSDEEP

6144:wrgMhW1mbeEt9nNZD80xBto23yPBzZ5bekgAUeGhkNljNfFmF9q57:vMMIXNfB223O1ZMkhVGhKhNdUQ57

Score

N/A

Malware Config

Signatures

Files

30db689efbddc499e2c8a32743a2b06a4a85599dcf5934940d6e39cf82cf1ecd
.exe windows x86

989bf2550636e37faab2ef20d8b43a94

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStartupInfoA
CloseHandle
HeapCreate
GetModuleHandleA
CreateFileA
GetStdHandle
HeapDestroy
GetEnvironmentVariableA
MapViewOfFile
GetACP
Sleep
ReadFile
GetCommandLineW
DeleteAtom
GetModuleFileNameA
IsBadCodePtr
TlsGetValue
GetFileAttributesA
SetEvent
DeleteFileW

user32

DispatchMessageA
FindWindowA
CallWindowProcW
SetFocus
DestroyMenu
GetSysColor
GetWindowLongA
IsZoomed
GetClassInfoA
GetWindowInfo
GetKeyState
DispatchMessageA
DrawTextW
DestroyMenu

pnrpnsp

NSPStartup
NSPStartup
NSPStartup
NSPStartup

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 376KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 472KB - Virtual size: 472KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy