bd2e72a6ee3999e46fad566355ee1d9baf8d2815888f5b5c3afbdbf81f353e80 | Triage

Submit
Reports

Overview

overview

Static

static

bd2e72a6ee...80.exe

windows7-x64

bd2e72a6ee...80.exe

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

bd2e72a6ee3999e46fad566355ee1d9baf8d2815888f5b5c3afbdbf81f353e80.exe

Resource

win7-20220812-en

evasion persistence trojan

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

bd2e72a6ee3999e46fad566355ee1d9baf8d2815888f5b5c3afbdbf81f353e80.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

bd2e72a6ee3999e46fad566355ee1d9baf8d2815888f5b5c3afbdbf81f353e80
Size

389KB
MD5

58dbd3cc8e0fe43bd18ac336c3eabd50
SHA1

8db30b1cab087c0f0011b6a4b37fddead56d66d9
SHA256

bd2e72a6ee3999e46fad566355ee1d9baf8d2815888f5b5c3afbdbf81f353e80
SHA512

d1de9f9b9870947ca5af44b06501cbbe8e20a61d346e023629999899870174a5ba7b136be1de850c9aae6c651a1a370010b8975fc6e7dd1ac8941a9ef4ab749c
SSDEEP

6144:v8Rte0N3bYeKw2Dido9g1Suu1nwtcsA9wr9hbXLIvWBbmuA5Pwf:vN0hz2g1SV1nwtcsCUhbXLIvqKuA+

Score

N/A

Malware Config

Signatures

Files

bd2e72a6ee3999e46fad566355ee1d9baf8d2815888f5b5c3afbdbf81f353e80
.exe windows x86

e97c00198783b3ed46687419d975aa12

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetTickCount
SetFilePointer
GetModuleFileNameA
GetVolumePathNameA
IsValidLocale
PulseEvent
InterlockedExchange
HeapDestroy
GetCurrentThreadId
GetFileAttributesA
LeaveCriticalSection
GetModuleHandleA
GetDriveTypeW
DeleteFileW
OpenEventW
CreateDirectoryA
CreateFileW
DeleteFileW
VirtualProtectEx
GlobalFlags
OpenMutexW
CreateFileW
FindAtomW
GetProcessVersion
SetFileTime

user32

DestroyIcon
GetWindowTextA
SetFocus
SetRect
PeekMessageA
LoadCursorA
IsMenu
wsprintfA
MessageBoxA
DispatchMessageA
GetWindowLongA
DestroyMenu
GetWindowLongA

dpnhpast

DllUnregisterServer
DllCanUnloadNow
DllRegisterServer
DllGetClassObject

advapi32

IsValidAcl

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 380KB - Virtual size: 920KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy