618f2c3fc8367d7f106d0f5df2be818c3348d7081a18552826974b1e78d0305c | Triage

Submit
Reports

Overview

overview

Static

static

618f2c3fc8...5c.exe

windows7-x64

618f2c3fc8...5c.exe

windows10-2004-x64

3

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

618f2c3fc8367d7f106d0f5df2be818c3348d7081a18552826974b1e78d0305c.exe

Resource

win7-20220901-en

evasion persistence trojan

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

618f2c3fc8367d7f106d0f5df2be818c3348d7081a18552826974b1e78d0305c.exe

Resource

win10v2004-20220901-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

618f2c3fc8367d7f106d0f5df2be818c3348d7081a18552826974b1e78d0305c
Size

416KB
MD5

6a301911e6b505cfc3857cd39553b0e0
SHA1

e2f4b1d0d489125d72abeaf69dd1679fca5762b8
SHA256

618f2c3fc8367d7f106d0f5df2be818c3348d7081a18552826974b1e78d0305c
SHA512

34c86ad1b658d6f4ff9726c29c8f2da24060c4ca05a9637c151a6431896a14da730079cad488b5df850454064015faf88f59a1d2a1188a080e319223a40534e0
SSDEEP

12288:hvg9tTe+tQmqelgczlFbbi68nnmh0d4c:hvgftXqelg6Lbqmad4c

Score

N/A

Malware Config

Signatures

Files

618f2c3fc8367d7f106d0f5df2be818c3348d7081a18552826974b1e78d0305c
.exe windows x86

9f82a582f956cf71c6477f9ea154e9f1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetFileAttributesA
SetLocalTime
IsBadReadPtr
GetCommandLineA
SuspendThread
ResumeThread
CreateDirectoryA
GlobalSize
GetLocaleInfoA
ResumeThread
ReadConsoleW
GetStdHandle
GetPriorityClass
HeapSize
WriteFile
GetDriveTypeA
GetProcessHeap
GetModuleHandleA
VirtualProtect
DeleteFileA
CreatePipe

user32

SetCursor
GetWindowLongA
DestroyMenu
DispatchMessageA
SetRect
GetMessageA
GetWindowTextW
PeekMessageA
DrawIcon
DestroyIcon
wsprintfA
GetWindowLongA
LoadCursorA

els

DllUnregisterServer
DllUnregisterServer
DllGetClassObject
DllRegisterServer

rasapi32

DwCloneEntry

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 248KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 410KB - Virtual size: 656KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2024

Terms | Privacy