b6bdb4b596dda86f8b423082fc4167e01096ecc166db82631db945be9e4dfc85 | Triage

Submit
Reports

Overview

overview

Static

static

b6bdb4b596...85.exe

windows7-x64

b6bdb4b596...85.exe

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

b6bdb4b596dda86f8b423082fc4167e01096ecc166db82631db945be9e4dfc85.exe

Resource

win7-20220812-en

evasion persistence trojan

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

b6bdb4b596dda86f8b423082fc4167e01096ecc166db82631db945be9e4dfc85.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

b6bdb4b596dda86f8b423082fc4167e01096ecc166db82631db945be9e4dfc85
Size

412KB
MD5

6bac5a55592909d88cc47164c4f1d890
SHA1

dc725c19a964d398ef91be8d30b9c785c4402107
SHA256

b6bdb4b596dda86f8b423082fc4167e01096ecc166db82631db945be9e4dfc85
SHA512

d9bf5a799358c623a98cabcdab953ab64a188dd74b363d61600aa8fd5fe680e18c24a5aa17735ff7e957f05b8c3bbc3538271f4ed35d11d4b5065922a259f089
SSDEEP

12288:+HMWNFkiLSmvPvDoiL1t/viGoa1FebAn+5+s/Y9fN:GFVvnDom1t/vxoajwAntsc

Score

N/A

Malware Config

Signatures

Files

b6bdb4b596dda86f8b423082fc4167e01096ecc166db82631db945be9e4dfc85
.exe windows x86

13cc3bcba3d03c4075c6debaf5525ec4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

AddAtomW
CreateMutexA
SetFilePointer
GetStdHandle
GetFileAttributesW
VirtualProtect
SuspendThread
GetTickCount
LeaveCriticalSection
lstrlenA
InterlockedExchange
LocalFlags
CreateDirectoryA
CreateFileW
GetCurrentThreadId
ResumeThread
GetVersionExA
SetEvent
CreateFileW
GetModuleFileNameA
HeapDestroy
OpenEventW
GetModuleHandleA
GetLocaleInfoA
IsValidLocale

user32

IsMenu
wsprintfA
PeekMessageA
GetWindowLongA
DestroyIcon
MessageBoxA
SetRect
DestroyMenu
IsMenu
DispatchMessageA
GetWindowLongA
LoadCursorA
GetWindowTextA

dplayx

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

advapi32

IsValidAcl

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 312KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 10B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 406KB - Virtual size: 716KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy