5e0c94b1cbad3e20299df31a4bb124501b8b91e4cfc2211eb45d6ab06668db5b | Triage

Submit
Reports

Overview

overview

Static

static

5e0c94b1cb...5b.exe

windows7-x64

5e0c94b1cb...5b.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

5e0c94b1cbad3e20299df31a4bb124501b8b91e4cfc2211eb45d6ab06668db5b.exe

Resource

win7-20220812-en

evasion persistence trojan

windows7-x64

18 signatures

150 seconds

Behavioral task

behavioral2

Sample

5e0c94b1cbad3e20299df31a4bb124501b8b91e4cfc2211eb45d6ab06668db5b.exe

Resource

win10v2004-20220812-en

evasion persistence spyware stealer trojan

windows10-2004-x64

21 signatures

150 seconds

General

Target

5e0c94b1cbad3e20299df31a4bb124501b8b91e4cfc2211eb45d6ab06668db5b
Size

892KB
MD5

635962e350e0e62e5ff56a106cefd527
SHA1

4dc88e7cd17f418ec5074c5729e430dea420e095
SHA256

5e0c94b1cbad3e20299df31a4bb124501b8b91e4cfc2211eb45d6ab06668db5b
SHA512

b11caa4e6d952c05446a1ee3ec86b7353009d0de9ae940ab36bde07310418af193162e2c9ddfddbc935085ad4db5fa83936a68b44afeb1d6978885376d8335fd
SSDEEP

12288:UyL6/NeVPWl/JDpE8ENCYLdCl8qbtLQR9FFYQpihaEC6NLZIhJmTmH4OODi+pcV1:ceVPGjNJ+q5LEjAaErNLZI+mYOOz6L

Score

N/A

Malware Config

Signatures

Files

5e0c94b1cbad3e20299df31a4bb124501b8b91e4cfc2211eb45d6ab06668db5b
.exe windows x86

e5cc000f423c093550621d9fc1c0e6bc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetModuleFileNameA
ReadConsoleA
SetLastError
VirtualProtect
CreateFileA
SetLastError
GetEnvironmentStringsW
HeapSize
GetFileAttributesW
lstrlenA
GetFileSize
CreateSemaphoreW
CreateDirectoryW
SetEvent
CloseHandle
Sleep
GetStartupInfoA
OpenSemaphoreA
GetProcessHeap
GlobalFree
ReadConsoleA
DeleteFileA
GetTickCount
WriteConsoleA

user32

DrawTextW
FindWindowA
DispatchMessageA
CallWindowProcW
IsWindow
GetClassInfoA
PeekMessageA
DestroyMenu
DispatchMessageA
GetWindowLongA
SetFocus
GetSysColor
IsZoomed

xolehlp

DtcGetTransactionManager
GetDtcLocaleResourceHandle
DtcGetTransactionManagerC
DtcGetTransactionManagerEx

advapi32

RegCloseKey

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 381KB - Virtual size: 924KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmp0
Size: 500KB - Virtual size: 1.6MB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy