87c4218603d774d2849d11b39daff1d72d04b4883d4fb7b7878ce5cabf37cf99 | Triage

Submit
Reports

Overview

overview

Static

static

87c4218603...99.exe

windows7-x64

87c4218603...99.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

87c4218603d774d2849d11b39daff1d72d04b4883d4fb7b7878ce5cabf37cf99.exe

Resource

win7-20220812-en

evasion persistence trojan

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

87c4218603d774d2849d11b39daff1d72d04b4883d4fb7b7878ce5cabf37cf99.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

87c4218603d774d2849d11b39daff1d72d04b4883d4fb7b7878ce5cabf37cf99
Size

452KB
MD5

598f40faef338e2ce19cc0a3d0babeae
SHA1

84273bf0ce134c421dd2e177203e7e0adc056ed6
SHA256

87c4218603d774d2849d11b39daff1d72d04b4883d4fb7b7878ce5cabf37cf99
SHA512

272691a7af0ec2a0e08f6f4e260735130e829ab32cf338c53da9ddf2da067e592632252c0515619df49035e4ace062842eb6c8d24ca329fd9bd3fac0e474881f
SSDEEP

12288:mBBMKRlnwiSm+xHSD71QKK1MieKbSUsJfclZwn+hRl1U6y0Qhf:mBqKpSKD71E1MieKDZg+hjyFhf

Score

N/A

Malware Config

Signatures

Files

87c4218603d774d2849d11b39daff1d72d04b4883d4fb7b7878ce5cabf37cf99
.exe windows x86

de43094493c7f68cf05d3a7757d7f85a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

IsBadWritePtr
SetEndOfFile
GetModuleFileNameA
FindClose
AddAtomA
GetProcessHeap
ExitThread
GetFileType
SetVolumeLabelA
FindAtomA
WaitForMultipleObjects
RemoveDirectoryA
DeleteAtom
GetModuleHandleA
WriteFile
CreateSemaphoreW
CreateDirectoryA
GetCommandLineA
HeapCreate
RemoveDirectoryA
CloseHandle
GetDriveTypeW
HeapFree
CreatePipe
ClearCommBreak

clbcatq

CoRegCleanup
CoRegCleanup
CoRegCleanup
CoRegCleanup
CoRegCleanup
CoRegCleanup
CoRegCleanup
CoRegCleanup
CoRegCleanup
CoRegCleanup
CoRegCleanup
CoRegCleanup
CoRegCleanup

msvidc32

DriverProc
DriverProc
DriverProc
DriverProc

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 600KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 444KB - Virtual size: 444KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy