6a28cf0face913d00c1d94ae06aba29fefdf8989d7b9a80a95c08efd0169ecb7 | Triage

Submit
Reports

Overview

overview

Static

static

6a28cf0fac...b7.exe

windows7-x64

6a28cf0fac...b7.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

6a28cf0face913d00c1d94ae06aba29fefdf8989d7b9a80a95c08efd0169ecb7.exe

Resource

win7-20220901-en

evasion persistence trojan

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

6a28cf0face913d00c1d94ae06aba29fefdf8989d7b9a80a95c08efd0169ecb7.exe

Resource

win10v2004-20220812-en

evasion persistence trojan

windows10-2004-x64

9 signatures

150 seconds

General

Target

6a28cf0face913d00c1d94ae06aba29fefdf8989d7b9a80a95c08efd0169ecb7
Size

278KB
MD5

696b1358a3da910f35bad0c6e4da6d30
SHA1

7882f9e8159b3d46ba2ef4fd65a57272e93c9265
SHA256

6a28cf0face913d00c1d94ae06aba29fefdf8989d7b9a80a95c08efd0169ecb7
SHA512

f70c70fa28f38ce385ee8a7b8db5d57e9fcceb7deb3160d531a6b5e471e6491b47b8bf3e976894b5b085a65b966080723ccbcb560c28259ad62559a0fed1f6f4
SSDEEP

6144:qugGm5uQiPF8JDxTLoN+607+LsWFlIMfDjc51M3qWo4jUMSxto:qugz5uQSKTLMA7+LscIQDjQKxUTP

Score

N/A

Malware Config

Signatures

Files

6a28cf0face913d00c1d94ae06aba29fefdf8989d7b9a80a95c08efd0169ecb7
.exe windows x86

8351d222fa51d5503778ae0af0345b55

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_except_handler3

kernel32

ExitProcess
WaitForSingleObject
CreateThread
lstrcatA
lstrcmpA
GetLastError
CreateMutexA
lstrcpyA
GetModuleFileNameA
GetProcAddress
lstrlenA
GetCommandLineA
WriteProcessMemory
lstrlenW
GetModuleFileNameW
Sleep
ReadProcessMemory
GetModuleHandleA
GetCurrentProcess
IsDebuggerPresent
lstrcmpiA
WriteConsoleA
ReadConsoleA
LoadLibraryA
GetEnvironmentVariableA
HeapAlloc
GetStartupInfoA
GetProcessHeap
HeapFree

user32

RegisterClassExA
DialogBoxParamA
DestroyIcon
EnableMenuItem
UpdateWindow
InsertMenuA
SetWindowLongA
CreateWindowExA
GetSubMenu
PostQuitMessage
SetTimer
MessageBoxW
MessageBoxA

gdi32

DeleteObject
BitBlt

comdlg32

ChooseFontA

ole32

CoInitialize

Sections

.text
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 260KB - Virtual size: 260KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy