30b0c3903eb2880f5df29ca3c45183e738090d16805cf7d75e9ea5c92c94f74d | Triage

Submit
Reports

Overview

overview

Static

static

30b0c3903e...4d.exe

windows7-x64

30b0c3903e...4d.exe

windows10-2004-x64

3

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

30b0c3903eb2880f5df29ca3c45183e738090d16805cf7d75e9ea5c92c94f74d.exe

Resource

win7-20220812-en

evasion persistence trojan

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

30b0c3903eb2880f5df29ca3c45183e738090d16805cf7d75e9ea5c92c94f74d.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

30b0c3903eb2880f5df29ca3c45183e738090d16805cf7d75e9ea5c92c94f74d
Size

340KB
MD5

63e19501aa23625759229c74641686a5
SHA1

6f141bb89305a5ea49ba944d3cb35f1cb81cfde4
SHA256

30b0c3903eb2880f5df29ca3c45183e738090d16805cf7d75e9ea5c92c94f74d
SHA512

560d87f6dc79fa2f2ee6898d3f79110507c772c076d6602bb176130034cbf646987375c2fc185b1798d22cc016a07fbf78c9199893c1dc15cd94e50c433f47f1
SSDEEP

6144:gtmdKF7Yta2UM5IxXF/tIKAL7iFE7sNBo+aa9R3HJxvkSuM4PydwLtna:p1tUM5aV/oLOVfhaa9ZpV29a

Score

N/A

Malware Config

Signatures

Files

30b0c3903eb2880f5df29ca3c45183e738090d16805cf7d75e9ea5c92c94f74d
.exe windows x86

7476d4e959caa4c2b679e26958a29256

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateEventA
DeleteTimerQueue
LoadLibraryExA
GlobalUnlock
CloseHandle
FreeEnvironmentStringsA
CreateFileA
GetModuleHandleA
GlobalLock
MapViewOfFile
FindClose
GetConsoleCP
HeapCreate
GetACP
GetStdHandle
IsBadReadPtr
GetDriveTypeA
LocalFree
lstrlenA
GetLastError

user32

ClipCursor
EndDialog
IsMenu
RedrawWindow
CreateWindowExA
GetDlgItem
GetSubMenu
GetMessageA
GetParent
DialogBoxParamA
CheckMenuItem
GetDlgItemTextA
SetFocus
DrawIconEx

apphelp

SdbFindFirstTag
ApphelpShowDialog
ApphelpCheckRunApp
SdbCloseDatabase
ApphelpCheckIME

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy