6ddad15099581f8101d4391ab3e50a6449f912bd1ab0d20504bae916b88d71d9 | Triage

Submit
Reports

Overview

overview

Static

static

6ddad15099...d9.exe

windows7-x64

6ddad15099...d9.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

6ddad15099581f8101d4391ab3e50a6449f912bd1ab0d20504bae916b88d71d9.exe

Resource

win7-20220901-en

evasion persistence trojan

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

6ddad15099581f8101d4391ab3e50a6449f912bd1ab0d20504bae916b88d71d9.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

6ddad15099581f8101d4391ab3e50a6449f912bd1ab0d20504bae916b88d71d9
Size

409KB
MD5

3823e00336d2db43a68beb7791f820e5
SHA1

c2abf6d0bbea7c28d3881a47be1267ca983c310d
SHA256

6ddad15099581f8101d4391ab3e50a6449f912bd1ab0d20504bae916b88d71d9
SHA512

e949c64c1c0d3cc1b8badc6064abacef935ba0fe6bb00c5b2e1deee8319a50d482b9bc07e552f234976c527c2d9f02b5fc203b7e662b83d2961c1852d3af7369
SSDEEP

6144:JhN+T0nUNy/b5Q0XW7skl3n3azpNHXzFJDKDHLg+UGP38ZySfngFDSg7iyS4HQ1e:p+I/5QKW7ZGpNHXWvxwyingRx7PSV

Score

N/A

Malware Config

Signatures

Files

6ddad15099581f8101d4391ab3e50a6449f912bd1ab0d20504bae916b88d71d9
.exe windows x86

10827537eb1055a8d90dfcdb0af28f7b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
DeviceIoControl
GetModuleFileNameW
Sleep
SetConsoleCP
GetStartupInfoA
VirtualAllocEx
GetExitCodeProcess
GetModuleHandleA
CloseHandle
WriteFile
GetTickCount
ReleaseMutex
GetCommandLineA
GlobalSize
GlobalFlags
SetFilePointer
SetEvent
lstrlenW
DeleteFileA

user32

GetWindowLongW
DispatchMessageA
LoadImageA
GetParent
SetFocus
DispatchMessageA
CallWindowProcW
FillRect
DrawTextW
PeekMessageA
BeginPaint
IsWindowVisible
DestroyWindow

ir41_qc

Compress
Compress
Compress
Compress

wininet

FtpCommandA

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 512KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 402KB - Virtual size: 401KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy