11df574f3c29efb8a0efe2068b84f327b2729ba44e93335eb641262e61bccff5 | Triage

Submit
Reports

Overview

overview

Static

static

11df574f3c...f5.exe

windows7-x64

11df574f3c...f5.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

11df574f3c29efb8a0efe2068b84f327b2729ba44e93335eb641262e61bccff5.exe

Resource

win7-20220812-en

xtremerat persistence rat spyware upx

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

11df574f3c29efb8a0efe2068b84f327b2729ba44e93335eb641262e61bccff5.exe

Resource

win10v2004-20220812-en

xtremerat persistence rat spyware upx

windows10-2004-x64

8 signatures

150 seconds

General

Target

11df574f3c29efb8a0efe2068b84f327b2729ba44e93335eb641262e61bccff5
Size

252KB
MD5

017a6e75d036600ca824549d7e3d862a
SHA1

838f0f1cefc82d651f866e2f8043bca4f5cb4eee
SHA256

11df574f3c29efb8a0efe2068b84f327b2729ba44e93335eb641262e61bccff5
SHA512

f002a762cae8b9e02d2fc25b79dc43258ffd02700928db314db3248e8fc4bfa41e72085fc157d69096af180d2c3a20ded5df5b61ee2d746a0fbb01034ec73eaa
SSDEEP

3072:66IF+jfPsCWsu0zMVLEAO8hzj8tHuG4Kby38laf:kWCzjcl+H

Score

N/A

Malware Config

Signatures

Files

11df574f3c29efb8a0efe2068b84f327b2729ba44e93335eb641262e61bccff5
.exe windows x86

dcbe711a0f7d8224ddaa5c3b5ca436e2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

msvbvm60

ord696
MethCallEngine
ord516
ord628
ord631
ord632
EVENT_SINK_AddRef
DllFunctionCall
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord712
ord606
ord608
ord717
ProcCallEngine
ord644
ord572
ord100
ord616

Sections

0
Size: 128KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

1
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

2
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

3
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

4
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

5
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy