a63efba48a88c5568eee7fda8a40ec1e62e2dc9f455883ee37a40e9582c9e2ae | Triage

Submit
Reports

Overview

overview

Static

static

a63efba48a...ae.exe

windows7-x64

a63efba48a...ae.exe

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

a63efba48a88c5568eee7fda8a40ec1e62e2dc9f455883ee37a40e9582c9e2ae.exe

Resource

win7-20220812-en

evasion persistence trojan

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

a63efba48a88c5568eee7fda8a40ec1e62e2dc9f455883ee37a40e9582c9e2ae.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

a63efba48a88c5568eee7fda8a40ec1e62e2dc9f455883ee37a40e9582c9e2ae
Size

324KB
MD5

5aa66dff176be593c34b608e2abeb6b0
SHA1

3ee2b2cefa71df972153b294b51efd015b9cd1b1
SHA256

a63efba48a88c5568eee7fda8a40ec1e62e2dc9f455883ee37a40e9582c9e2ae
SHA512

007f5fb521fab2d9d24eed6c3bcc7d76eb38decfe5705eb3629393bbe5ca99c28aea2f3e0cb10f7ccfeb740d319ef01a3965784ec4ea7fde7a68dd5fd2467e5a
SSDEEP

6144:kq/48er7VGHIEpmf1TpWSoLWpuU84M4HP8+ykF5kta0i/sfNFX4mPYo1k4bQQ:kw1erBGHIP11oLwuUn7ykF5GaFsfHXxE

Score

N/A

Malware Config

Signatures

Files

a63efba48a88c5568eee7fda8a40ec1e62e2dc9f455883ee37a40e9582c9e2ae
.exe windows x86

06fa5e79c494e9e362276f7e591906dd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpyA
GetDiskFreeSpaceW
CloseHandle
FindAtomA
CreateFileA
HeapCreate
GetComputerNameA
GetCommandLineW
GetFileAttributesW
SetEvent
CreateThread
TlsGetValue
SetLastError
ResetEvent
LoadLibraryW
LocalFree
GetSystemTime
GetTickCount
GetModuleHandleA
ResumeThread

advapi32

RegCloseKey
RegDeleteKeyA
CloseEventLog
RegCreateKeyExA
GetFileSecurityA
IsTokenRestricted
GetUserNameW
RegQueryValueA
IsValidAcl
CreateServiceW
RegEnumValueA
GetLengthSid
RegEnumKeyExA

cryptui

CryptUIDlgCertMgr
CryptUIWizFreeDigitalSignContext
WizardFree
CryptUIDlgSelectStoreA
LocalEnroll

user32

MessageBoxA

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1KB - Virtual size: 428KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 314KB - Virtual size: 313KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy