6f4bd19b39caf8e3a93dfa57fbb7d0a31372b8ff75df7e7b49f481603739aaa3 | Triage

Submit
Reports

Overview

overview

Static

static

6f4bd19b39...a3.exe

windows7-x64

6f4bd19b39...a3.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

6f4bd19b39caf8e3a93dfa57fbb7d0a31372b8ff75df7e7b49f481603739aaa3.exe

Resource

win7-20220812-en

evasion persistence trojan

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

6f4bd19b39caf8e3a93dfa57fbb7d0a31372b8ff75df7e7b49f481603739aaa3.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

6f4bd19b39caf8e3a93dfa57fbb7d0a31372b8ff75df7e7b49f481603739aaa3
Size

388KB
MD5

52087a56500bbcbf0532098ece4e4180
SHA1

fffd2a93b32c932978231b769fa87c4b629ee751
SHA256

6f4bd19b39caf8e3a93dfa57fbb7d0a31372b8ff75df7e7b49f481603739aaa3
SHA512

50b1d407da3966cadd0a8d2d35badfca1a1024b1819b74d926ff0401c3c0a23819a2eb907bd0ae0e53fea50e06357a7bba7a16618ff9f70b43ff3c041c6427d2
SSDEEP

6144:euite0N3bYeKw2Dido9g1Suu1nwtcsA9wr9hbXLIvWBbmuA5Pwf:eun0hz2g1SV1nwtcsCUhbXLIvqKuA+

Score

N/A

Malware Config

Signatures

Files

6f4bd19b39caf8e3a93dfa57fbb7d0a31372b8ff75df7e7b49f481603739aaa3
.exe windows x86

c937b85e70ff0b6782fe55d1d43416a2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleFileNameA
GetConsoleMode
VirtualProtectEx
OpenMutexA
FindAtomW
SetFilePointer
LeaveCriticalSection
GlobalFlags
DeleteFileW
CreateDirectoryA
PulseEvent
GetCurrentThreadId
GetVolumePathNameA
GetProcessVersion
GetDriveTypeW
SetFileTime
InterlockedExchange
GetModuleHandleA
DeleteFileW
GetProcessHeap
HeapDestroy
OpenEventA
CreateFileW
GetFileAttributesA
CreateFileW

user32

wsprintfA
DestroyMenu
SetRect
IsMenu
PeekMessageA
GetWindowTextA
DestroyIcon
SetFocus
MessageBoxA
GetWindowLongA
GetWindowLongA
DispatchMessageA
LoadCursorA

dot3msm

DllMain
Dot3MsmDisconnect
Dot3MsmDeInit
Dot3MsmFreeProfile

advapi32

IsValidAcl

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 380KB - Virtual size: 920KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy