cc638f825e7502614cc9a918f9f28e3bfeadbaa4a6eaccf3d42ada7c2ad7e202 | Triage

Submit
Reports

Overview

overview

Static

static

cc638f825e...02.exe

windows7-x64

cc638f825e...02.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

cc638f825e7502614cc9a918f9f28e3bfeadbaa4a6eaccf3d42ada7c2ad7e202.exe

Resource

win7-20220812-en

evasion persistence trojan

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

cc638f825e7502614cc9a918f9f28e3bfeadbaa4a6eaccf3d42ada7c2ad7e202.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

cc638f825e7502614cc9a918f9f28e3bfeadbaa4a6eaccf3d42ada7c2ad7e202
Size

382KB
MD5

7631d81ec3151dfac69ea2611c7a8000
SHA1

31e9c8bcc176a5c4e114af125ce568b073ed8356
SHA256

cc638f825e7502614cc9a918f9f28e3bfeadbaa4a6eaccf3d42ada7c2ad7e202
SHA512

33e73856ff67c363fa2b55411f9d000e32adac9aadc5f2fa436b775052e0be6728641c1174a3959789d73fec40d030185596b81e8699b0fb0560032d6113fdee
SSDEEP

6144:ec2BRM50I8mJ+ehSemWfSZSzuhgrE9dYCb8xf4I7GVltNyEe6EofQKKfnGIYt3yo:qRM50I8mJlmWp6hgricAQG3Xxai5

Score

N/A

Malware Config

Signatures

Files

cc638f825e7502614cc9a918f9f28e3bfeadbaa4a6eaccf3d42ada7c2ad7e202
.exe windows x86

da7891dbcce33e65ce48d40b5473ed69

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteFile
ResetEvent
InterlockedExchange
FindVolumeClose
GlobalFree
CloseHandle
CreateEventA
ResumeThread
GetStdHandle
GetModuleHandleW
CreateMutexA
GlobalSize
VirtualAlloc
LocalFree
GetCommandLineA
GetPrivateProfileIntW
lstrlenA
GetACP
GetEnvironmentVariableW
GetExitCodeProcess

advapi32

IsValidSid
RegCreateKeyExW
CloseEventLog
CreateServiceA
RegDeleteKeyA
IsTextUnicode
RegDeleteValueA
ControlService
RegCloseKey
RegEnumKeyW
RegQueryValueW
IsValidSecurityDescriptor
ClearEventLogW

asycfilt

DllCanUnloadNow
DllCanUnloadNow
DllCanUnloadNow
DllCanUnloadNow
DllCanUnloadNow

hdwwiz.cpl

InstallNewDevice

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 416KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 372KB - Virtual size: 371KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy