38c02b3b880c3e0db20cc951f7b730096f4d82b61c817bd9251080d72ab53343 | Triage

Submit
Reports

Overview

overview

Static

static

38c02b3b88...43.exe

windows7-x64

38c02b3b88...43.exe

windows10-2004-x64

1

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

38c02b3b880c3e0db20cc951f7b730096f4d82b61c817bd9251080d72ab53343.exe

Resource

win7-20220812-en

evasion persistence trojan

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

38c02b3b880c3e0db20cc951f7b730096f4d82b61c817bd9251080d72ab53343.exe

Resource

win10v2004-20220901-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

38c02b3b880c3e0db20cc951f7b730096f4d82b61c817bd9251080d72ab53343
Size

325KB
MD5

ffd5ac0e993f337ba798d2c4dac0705f
SHA1

8accdb6af5ed59390540aa7c46cb4fa5c343fa8b
SHA256

38c02b3b880c3e0db20cc951f7b730096f4d82b61c817bd9251080d72ab53343
SHA512

31e9b4f917b3acdf541b2b848cffe5ff70a9c178ac266534a28916c4a56713a77298fbdb2fb2d3689085d360fc577eca4cc2fe4b511c25e94c5cdda12063d35a
SSDEEP

6144:Zgpd5NG3XXnRI2RZfdM5rkVYIWNJnXyEtBfCvoK8CUmt6CAWctDpv:ZgP/IXRIGdMNkiIEJnXWzbUVtWctDpv

Score

N/A

Malware Config

Signatures

Files

38c02b3b880c3e0db20cc951f7b730096f4d82b61c817bd9251080d72ab53343
.exe windows x86

f88f8e696675408e9dd0e9748a0dd68b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TlsGetValue
ResetEvent
GetSystemTime
GetCommandLineW
GetComputerNameA
GetFileAttributesA
GetExitCodeProcess
SetLastError
CloseHandle
LocalFree
GetDiskFreeSpaceW
SetEvent
GetModuleHandleA
CreateThread
LoadLibraryW
FindAtomA
HeapCreate
GetTickCount
SuspendThread
CreateFileA

advapi32

CloseEventLog
CreateServiceW
RegDeleteKeyA
CredFree
IsTokenRestricted
RegEnumKeyExA
RegCloseKey
GetLengthSid
RegQueryValueA
GetUserNameW
RegCreateKeyExA
RegEnumValueA
GetFileSecurityA

cryptui

WizardFree
CryptUIDlgSelectCA
LocalEnroll
CryptUIDlgSelectStoreA
CryptUIDlgCertMgr

powercfg.cpl

CPlApplet

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1KB - Virtual size: 428KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 315KB - Virtual size: 314KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy