94f1a2f897826eedf142825cf08e1d5877927c2da7d967e9e2b29aaf40a6bbb3 | Triage

Submit
Reports

Overview

overview

Static

static

94f1a2f897...b3.exe

windows7-x64

94f1a2f897...b3.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

94f1a2f897826eedf142825cf08e1d5877927c2da7d967e9e2b29aaf40a6bbb3.exe

Resource

win7-20220901-en

evasion persistence trojan

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

94f1a2f897826eedf142825cf08e1d5877927c2da7d967e9e2b29aaf40a6bbb3.exe

Resource

win10v2004-20220901-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

94f1a2f897826eedf142825cf08e1d5877927c2da7d967e9e2b29aaf40a6bbb3
Size

389KB
MD5

63c8e59c1fae9e055ea03a96a5539dc0
SHA1

c19247e4867d97e9921b00187a1be867593372ea
SHA256

94f1a2f897826eedf142825cf08e1d5877927c2da7d967e9e2b29aaf40a6bbb3
SHA512

9460f0c346983d90d5850d150499e7f6908ef289ffeb46cd0d716adcc9943b517a9514e4705613c61fc95ca06a1a4ed1e80a42fd17a2aecabd41fca28800d70a
SSDEEP

6144:EifRdte0N3bYeKw2Dido9g1Suu1nwtcsA9wr9hbXLIvWBbmuA5Pwf:EKRG0hz2g1SV1nwtcsCUhbXLIvqKuA+

Score

N/A

Malware Config

Signatures

Files

94f1a2f897826eedf142825cf08e1d5877927c2da7d967e9e2b29aaf40a6bbb3
.exe windows x86

27086206892e36016c95e01a606f83a4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTickCount
GetProcessVersion
OpenEventW
GetConsoleMode
CreateFileW
GlobalFlags
GetCurrentThreadId
InterlockedExchange
GetVolumePathNameA
FindAtomW
SetFilePointer
GetFileAttributesA
GetModuleFileNameA
HeapDestroy
LeaveCriticalSection
OpenMutexA
VirtualProtectEx
GetModuleHandleA
DeleteFileW
CreateFileW
CreateDirectoryA
PulseEvent
DeleteFileW
GetDriveTypeW
SetFileTime

user32

SetRect
GetWindowLongA
PeekMessageA
SetFocus
DestroyMenu
wsprintfA
DestroyIcon
GetWindowTextA
DispatchMessageA
IsMenu
GetWindowLongA
MessageBoxA
LoadCursorA

dot3msm

Dot3MsmDeInit
DllMain
Dot3MsmDisconnect
Dot3MsmFreeProfile

advapi32

IsValidAcl

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 380KB - Virtual size: 920KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy