16d045e0a3a3a3c1aa2301eb718c5af1858f3efa9bcbe9680c65f7c25f1bc92d | Triage

Submit
Reports

Overview

overview

Static

static

16d045e0a3...2d.exe

windows7-x64

16d045e0a3...2d.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

16d045e0a3a3a3c1aa2301eb718c5af1858f3efa9bcbe9680c65f7c25f1bc92d.exe

Resource

win7-20220812-en

evasion persistence trojan

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

16d045e0a3a3a3c1aa2301eb718c5af1858f3efa9bcbe9680c65f7c25f1bc92d.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

16d045e0a3a3a3c1aa2301eb718c5af1858f3efa9bcbe9680c65f7c25f1bc92d
Size

385KB
MD5

025d9d940b7e5598ea25a66ce073750e
SHA1

dbc5f2f957a2092f069ba5c2ba5515fb31ae20a5
SHA256

16d045e0a3a3a3c1aa2301eb718c5af1858f3efa9bcbe9680c65f7c25f1bc92d
SHA512

e9fc262f5bbff983fabd0e8482ff5bb56c1342914b12c3ed3e8dde704eeca6ffdada1822d42de7d3cd5b3c31004e31c7d2ede942e43a43762f34598236f2d0c5
SSDEEP

6144:QVPcpCG0fJMHneMCDB6sEFu6XwydbyY9gHDtWGDSYAnLCI:z4G0fchCd+RXwycY9gkGTALb

Score

N/A

Malware Config

Signatures

Files

16d045e0a3a3a3c1aa2301eb718c5af1858f3efa9bcbe9680c65f7c25f1bc92d
.exe windows x86

d8ae183ea2e013ac03cca6230f154e08

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetDriveTypeW
GetACP
VirtualAlloc
GetExitCodeProcess
lstrlenA
LocalSize
ResumeThread
GetPrivateProfileIntW
GlobalFree
FindVolumeClose
CloseHandle
GetEnvironmentVariableA
LocalFree
GetModuleHandleW
WriteFile
FreeConsole
InterlockedExchange
ResetEvent
GetMailslotInfo
CreateThread

user32

DrawStateW
GetCursorInfo
CreateWindowExA
IsWindow
CallWindowProcW
GetKeyboardType
SetFocus
GetSysColor
GetClassInfoA
GetSysColor
DispatchMessageA
GetClientRect
EndDialog

qedit

DllUnregisterServer
DllUnregisterServer
DllGetClassObject
DllUnregisterServer
DllUnregisterServer

sysdm.cpl

NoExecuteAddFileOptOutList

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 412KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 375KB - Virtual size: 375KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy