3508fda2e3248b0daae6fef3774d45c1c74bca87e8c11955678a6614f238dfd9 | Triage

Submit
Reports

Overview

overview

Static

static

3508fda2e3...d9.exe

windows7-x64

3508fda2e3...d9.exe

windows10-2004-x64

1

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

3508fda2e3248b0daae6fef3774d45c1c74bca87e8c11955678a6614f238dfd9.exe

Resource

win7-20220812-en

evasion persistence trojan

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

3508fda2e3248b0daae6fef3774d45c1c74bca87e8c11955678a6614f238dfd9.exe

Resource

win10v2004-20220901-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

3508fda2e3248b0daae6fef3774d45c1c74bca87e8c11955678a6614f238dfd9
Size

394KB
MD5

64deae3d2a5912a3447ecae869230340
SHA1

3bed9bbe149e1b2b79d1630037a52a46e99b8cd6
SHA256

3508fda2e3248b0daae6fef3774d45c1c74bca87e8c11955678a6614f238dfd9
SHA512

55cd99fb16031855f476b375e2e2be2a2d60ed124d24c2c0ed823aa1f66e259741900d4e44337bd4afa49dd303a3c87eeef86141086f1b49f2a4fe1d19446523
SSDEEP

12288:ZNd9ZGh1fVqQt89e9fCzjPeJ/m9WY03xo0:TzZGPfsQRkzjUCl0xo

Score

N/A

Malware Config

Signatures

Files

3508fda2e3248b0daae6fef3774d45c1c74bca87e8c11955678a6614f238dfd9
.exe windows x86

9667dadb17b9365f9ff7a9c7268b20ac

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
CreatePipe
CloseHandle
HeapCreate
ClearCommBreak
IsDebuggerPresent
WriteConsoleW
lstrlenW
CopyFileW
DisconnectNamedPipe
WriteConsoleW
GetCurrentDirectoryA
GetFileAttributesA
lstrcpyW
SetEvent
ReleaseMutex
GetStartupInfoA
WriteConsoleW
GetPriorityClass
GetStdHandle
GetLastError

msftedit

RichEditWndProc
SetCustomTextOutHandlerEx
RichListBoxWndProc
RichComboBoxWndProc

shell32

ShellMessageBoxA
SHGetSettings
DragQueryFileA
DragAcceptFiles
DragFinish
SHFree
DllUnregisterServer
ExtractIconA
DuplicateIcon
ShellAboutA
SHGetDiskFreeSpaceA
SHGetMalloc
StrChrA

msasn1

ASN1BERDecBool

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 720B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 385KB - Virtual size: 880KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.orpc
Size: 512B - Virtual size: 132B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy