62f2e304067fbf277874b14fd0f6916a2ccc4673da1ad576571359da48e3fa1a | Triage

Submit
Reports

Overview

overview

Static

static

62f2e30406...1a.exe

windows7-x64

8

62f2e30406...1a.exe

windows10-2004-x64

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

62f2e304067fbf277874b14fd0f6916a2ccc4673da1ad576571359da48e3fa1a.exe

Resource

win7-20220812-en

evasion persistence trojan

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

62f2e304067fbf277874b14fd0f6916a2ccc4673da1ad576571359da48e3fa1a.exe

Resource

win10v2004-20220812-en

evasion persistence trojan

windows10-2004-x64

10 signatures

150 seconds

General

Target

62f2e304067fbf277874b14fd0f6916a2ccc4673da1ad576571359da48e3fa1a
Size

817KB
MD5

42f8aaf305ff983d47fde98bb3f0f021
SHA1

47179533fa0e04136e97d4c3d333a74409897f78
SHA256

62f2e304067fbf277874b14fd0f6916a2ccc4673da1ad576571359da48e3fa1a
SHA512

a5c7ef0b12f2f45a8aa41c931c0a0310266e3956738f370b330d82bb30ac71eb93dbbb6741773288a24fe7105f3fefaab73c952f9985dff1fa064631760c874e
SSDEEP

12288:P8f5lXc+S9jy0g2VLKgMHJHc6H6Jj63t4V+7a7mynN2eLtMos3CMfVEkqJqAdRMl:P8fnX5SRyD4LKBHhcwDtqtxpNkGqAoXz

Score

N/A

Malware Config

Signatures

Files

62f2e304067fbf277874b14fd0f6916a2ccc4673da1ad576571359da48e3fa1a
.exe windows x86

08c752e2ac8d09ac2e5ff8b86dc92ff5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_except_handler3

kernel32

lstrlenA
ExitProcess
WaitForSingleObject
CreateThread
lstrcatA
lstrcmpA
GetLastError
CreateMutexA
lstrcpyA
GetModuleFileNameA
GetProcAddress
LoadLibraryA
GetCommandLineA
WriteProcessMemory
lstrlenW
GetModuleFileNameW
Sleep
ReadProcessMemory
GetModuleHandleA
GetCurrentProcess
lstrcmpiA
HeapFree
GetEnvironmentVariableA
HeapAlloc
GetStartupInfoA
GetProcessHeap
IsDebuggerPresent

user32

SetTimer
PostQuitMessage
UpdateWindow
GetWindowLongA
InsertMenuA
CreateWindowExA
RegisterClassExA
MessageBoxW
MessageBoxA

gdi32

CreateDCA

comdlg32

GetSaveFileNameA

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 89KB - Virtual size: 89KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy