21ba5fa5cefc8213155f972a94c260c880e0fb31aecf8f8161feba26e016d273 | Triage

Submit
Reports

Overview

overview

Static

static

21ba5fa5ce...73.exe

windows7-x64

21ba5fa5ce...73.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

21ba5fa5cefc8213155f972a94c260c880e0fb31aecf8f8161feba26e016d273.exe

Resource

win7-20220812-en

evasion persistence trojan

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

21ba5fa5cefc8213155f972a94c260c880e0fb31aecf8f8161feba26e016d273.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

21ba5fa5cefc8213155f972a94c260c880e0fb31aecf8f8161feba26e016d273
Size

449KB
MD5

4652937b35d066199f6ad48200580f9e
SHA1

3b5b79565fe2cf8edf44e36f8d940264e6e7bccf
SHA256

21ba5fa5cefc8213155f972a94c260c880e0fb31aecf8f8161feba26e016d273
SHA512

62486c77c7deea32402304ceefd6d80ac873b773a44a258272b4ac1e69fc2fc828a41177939e1d32e039c6031acaf421bc5f792240f7b793b563509d6b03f048
SSDEEP

12288:JOQ2V+6p46Ugqsmc004mQQA6yK6dk19CUKwH6zuwc62:JOQ2w6UZs9YbCyFdkGFSJ

Score

N/A

Malware Config

Signatures

Files

21ba5fa5cefc8213155f972a94c260c880e0fb31aecf8f8161feba26e016d273
.exe windows x86

2c097cc52c1149767dac407cfc915ceb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ClearCommBreak
ExitProcess
CancelIo
ResetEvent
OpenProcess
GetFileAttributesA
VirtualAllocEx
HeapSize
GetCommandLineW
GetModuleHandleA
GetEnvironmentVariableW
ReleaseMutex
CreateMutexA
RemoveDirectoryA
SetLastError
CreateFileA
DeleteFileW
GetStartupInfoA
WriteConsoleA
GetTickCount
SetEvent

user32

GetWindowLongA
GetCursorInfo
FillRect
GetDC
GetClassInfoA
FindWindowA
DispatchMessageW
GetSysColor
CallWindowProcW
PeekMessageA
GetDC
DispatchMessageW
GetDC

lpk

LpkExtTextOut
LpkExtTextOut
LpkExtTextOut
LpkExtTextOut

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 608KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 443KB - Virtual size: 442KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy