c423df7cee03d11af6b0c30daad8ed01b551aeacefaa6c646bd084a9f057dc3e | Triage

Submit
Reports

Overview

overview

Static

static

c423df7cee...3e.exe

windows7-x64

c423df7cee...3e.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

c423df7cee03d11af6b0c30daad8ed01b551aeacefaa6c646bd084a9f057dc3e.exe

Resource

win7-20220812-en

evasion persistence trojan

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

c423df7cee03d11af6b0c30daad8ed01b551aeacefaa6c646bd084a9f057dc3e.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

c423df7cee03d11af6b0c30daad8ed01b551aeacefaa6c646bd084a9f057dc3e
Size

383KB
MD5

2859aa6de0853f455ff1fdd89cca7780
SHA1

1f3945f5df0ba86b84990b291cad77f378ac8c1a
SHA256

c423df7cee03d11af6b0c30daad8ed01b551aeacefaa6c646bd084a9f057dc3e
SHA512

2d50ce0308fda8bcb60c68ae2e26afcc702db332d1bf8e4c55b95b7422a215b5d6429329b597777d3961d2e4e845b884c57d7442afe2fc667640f7fa891f9658
SSDEEP

6144:U/7ETmgQBOi1KGZ7Njs4WO3uimJhBiX8zTM3zrKAO22j:U/YPQv1PhNjsiDMkzrT

Score

N/A

Malware Config

Signatures

Files

c423df7cee03d11af6b0c30daad8ed01b551aeacefaa6c646bd084a9f057dc3e
.exe windows x86

9d624cb7397caaf806ebad925b4704f5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateEventA
GlobalSize
ResetEvent
GetCommandLineA
GetExitCodeProcess
lstrlenA
WriteFile
LocalFree
FindVolumeClose
GetStdHandle
GetEnvironmentVariableW
GetModuleHandleW
InterlockedExchange
CloseHandle
GlobalFree
GetPrivateProfileIntW
ResumeThread
CreateMutexA
GetACP
VirtualAlloc

advapi32

RegCreateKeyExA
RegDeleteKeyA
RegCloseKey
IsValidSid
IsValidAcl
IsTextUnicode
ClearEventLogA
LsaClose
CreateServiceA
RegEnumKeyA
RegDeleteValueA
RegQueryValueA
ControlService

mspatcha

GetFilePatchSignatureA
GetFilePatchSignatureA
ApplyPatchToFileA
GetFilePatchSignatureA
GetFilePatchSignatureA

sysdm.cpl

NoExecuteAddFileOptOutList

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 412KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 374KB - Virtual size: 373KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy