e2160242c22934ad6fe64b3096a1fe058c5f85b4a312816e077f9b9e9efbcd95 | Triage

Submit
Reports

Overview

overview

Static

static

e2160242c2...95.dll

windows7-x64

e2160242c2...95.dll

windows10-2004-x64

8

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

e2160242c22934ad6fe64b3096a1fe058c5f85b4a312816e077f9b9e9efbcd95.dll

Resource

win7-20220812-en

evasion persistence trojan

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

e2160242c22934ad6fe64b3096a1fe058c5f85b4a312816e077f9b9e9efbcd95.dll

Resource

win10v2004-20220812-en

windows10-2004-x64

10 signatures

150 seconds

General

Target

e2160242c22934ad6fe64b3096a1fe058c5f85b4a312816e077f9b9e9efbcd95
Size

128KB
MD5

616d95fd048a0e2eb97dc5eff90363e2
SHA1

7296768887f74dda13a4aa009c5d52fa9970915c
SHA256

e2160242c22934ad6fe64b3096a1fe058c5f85b4a312816e077f9b9e9efbcd95
SHA512

0dfc2bf8ce308564a7a66010b50e9f166f482b0025409065708d617c1ec6a8fad1cc6dfaddd4879b675d0861d1e96cf1e222760fdbb3e94db629572abf1aae7e
SSDEEP

3072:fuxmo8kkjOtgfCMCbsilpIulwS1W1AFGrshd1tEzb:k8koOt60twD1UGruJi

Score

N/A

Malware Config

Signatures

Files

e2160242c22934ad6fe64b3096a1fe058c5f85b4a312816e077f9b9e9efbcd95
.dll windows x86

c95ed56c036b349deb322d9df5ce7676

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcr90

_encode_pointer
_malloc_crt
_encoded_null
_decode_pointer
_initterm
_initterm_e
_amsg_exit
__CppXcptFilter
_unlock
__dllonexit
_lock
?terminate@@YAXXZ
?_type_info_dtor_internal_method@type_info@@QAEXXZ
__clean_type_info_names_internal
_except_handler4_common
_crt_debugger_hook
free
memset
memcpy
??2@YAPAXI@Z
??3@YAXPAX@Z
_purecall
_adjust_fdiv
_onexit

kernel32

LoadLibraryA
GetProcAddress
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
DisableThreadLibraryCalls
InterlockedCompareExchange
Sleep
InterlockedExchange
InterlockedDecrement
InterlockedIncrement
IsDebuggerPresent

Exports

Exports

CanUnload
RMACreateInstance

Sections

.text
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 100KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy