4951e704b951349a033e459cd9b5d0412086c3a3afbbb67ecadd33dfca7ee42b | Triage

Submit
Reports

Overview

overview

Static

static

4951e704b9...2b.exe

windows7-x64

4951e704b9...2b.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

4951e704b951349a033e459cd9b5d0412086c3a3afbbb67ecadd33dfca7ee42b.exe

Resource

win7-20220812-en

evasion persistence ransomware spyware stealer trojan

windows7-x64

17 signatures

150 seconds

Behavioral task

behavioral2

Sample

4951e704b951349a033e459cd9b5d0412086c3a3afbbb67ecadd33dfca7ee42b.exe

Resource

win10v2004-20220812-en

evasion persistence trojan

windows10-2004-x64

9 signatures

150 seconds

General

Target

4951e704b951349a033e459cd9b5d0412086c3a3afbbb67ecadd33dfca7ee42b
Size

725KB
MD5

53624dff46d5887855371fe2fbc97db0
SHA1

a789f3913863750f9ae456189a4b5b44be17b6d4
SHA256

4951e704b951349a033e459cd9b5d0412086c3a3afbbb67ecadd33dfca7ee42b
SHA512

92efa5fd1d5bd46ac558242b6dbd379ac513e34efd4c0bba9ef1ff70acd36dc18d951778253ecae53d6995142baa7da52b682c19394b152c2596694509ea7756
SSDEEP

12288:yArefYoxpgtGQzA+dANEJVC09FobhRN+MBIjmHkyTRbSe7yrWAksxS:rS9VU4EJU6FyhRN+LYNbSe7yzS

Score

N/A

Malware Config

Signatures

Files

4951e704b951349a033e459cd9b5d0412086c3a3afbbb67ecadd33dfca7ee42b
.exe windows x86

25bec142731f20a0e9e2924fe4839d18

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntdll

ZwStopProfile
NtCreateToken
ZwCancelIoFile
NtAccessCheckByTypeResultList
RtlSetInformationAcl

advapi32

RegOpenKeyW

kernel32

GetEnvironmentVariableW

user32

GetProcessWindowStation
GetMenuCheckMarkDimensions

Sections

.text
Size: 717KB - Virtual size: 720KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy