4d6f38d68456e7e1d2b0a70a3d69b8f3ce8657209a3871a23d0d6c581549fad1 | Triage

Submit
Reports

Overview

overview

Static

static

4d6f38d684...d1.exe

windows7-x64

4d6f38d684...d1.exe

windows10-2004-x64

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

4d6f38d68456e7e1d2b0a70a3d69b8f3ce8657209a3871a23d0d6c581549fad1.exe

Resource

win7-20220812-en

evasion persistence trojan

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

4d6f38d68456e7e1d2b0a70a3d69b8f3ce8657209a3871a23d0d6c581549fad1.exe

Resource

win10v2004-20220812-en

evasion persistence trojan

windows10-2004-x64

8 signatures

150 seconds

General

Target

4d6f38d68456e7e1d2b0a70a3d69b8f3ce8657209a3871a23d0d6c581549fad1
Size

98KB
MD5

8eb5811c4b0cd1abb2967ecf7e098063
SHA1

5a99d082304bd04b3ded186bfa6474ab051c5d24
SHA256

4d6f38d68456e7e1d2b0a70a3d69b8f3ce8657209a3871a23d0d6c581549fad1
SHA512

f7ccc03180b35c6f1fd795aea459eee3f69ef0aa7d9487dec8a36d0438dadfc15699f1da08ea49fbf795ad6cf32ccfc993f84ba61d362e83b3a157b39d724011
SSDEEP

3072:mbk3T6ygIbk3T6ygIbk3T6ygIbk3T6yg:mbqxgIbqxgIbqxgIbqxg

Score

N/A

Malware Config

Signatures

Files

4d6f38d68456e7e1d2b0a70a3d69b8f3ce8657209a3871a23d0d6c581549fad1
.exe windows x86

5a5f2a972ce84122812312fe40558610

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileAttributesA
lstrcpynA
lstrcatA
GetWindowsDirectoryA
GetModuleFileNameA
Process32Next
CloseHandle
Process32First
CreateToolhelp32Snapshot
SizeofResource
LoadResource
FindResourceA
CreateProcessA
DeleteFileA
Sleep
SetLastError
OpenProcess
FreeLibrary
SuspendThread
GetCurrentThread
lstrcmpiA
GetProcAddress
GetModuleHandleA
GetVersion
WriteFile
OpenFile
LockResource
GetCommandLineA
CreateRemoteThread
GetExitCodeThread
WaitForSingleObject
DuplicateHandle
GetCurrentProcess
VirtualFreeEx
WriteProcessMemory
GetLastError
VirtualAllocEx
GetTickCount
SetFileAttributesA
CopyFileA
lstrcpyA
LoadLibraryA
lstrlenA

advapi32

RegOpenKeyExA
RegSetValueExA
RegCloseKey
RegCreateKeyExA

user32

wsprintfA
CharUpperA

shlwapi

StrStrA

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 750B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy