0ce38752b65d20e7d6b88101fcbd58476cec7ec134beff07ea78f4c63b573567 | Triage

Submit
Reports

Overview

overview

Static

static

0ce38752b6...67.exe

windows7-x64

0ce38752b6...67.exe

windows10-2004-x64

3

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

0ce38752b65d20e7d6b88101fcbd58476cec7ec134beff07ea78f4c63b573567.exe

Resource

win7-20220812-en

evasion persistence trojan

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

0ce38752b65d20e7d6b88101fcbd58476cec7ec134beff07ea78f4c63b573567.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

0ce38752b65d20e7d6b88101fcbd58476cec7ec134beff07ea78f4c63b573567
Size

382KB
MD5

528815129be35e1d04c99cd7ef60bce0
SHA1

5c840a0d6537f57c18ae3085416ed0f7f3390bc5
SHA256

0ce38752b65d20e7d6b88101fcbd58476cec7ec134beff07ea78f4c63b573567
SHA512

545bb7ba82c69249974552d32a6b8feab45a7f3f11b9a42347200493a9e600d6be8d36150911249bd04ce8e343a3595d14a94ca3a5006caa81fc7a0319f06af1
SSDEEP

6144:MrxZ/SvRMXCQ0TexdCoNSQwMOu/L5NY5k7paog+4gyA1H1zZsQ6psGeDkXMg:SuvRMXCQ2exdCGGMOu/iQtUA1A7R

Score

N/A

Malware Config

Signatures

Files

0ce38752b65d20e7d6b88101fcbd58476cec7ec134beff07ea78f4c63b573567
.exe windows x86

562ae5c2691de3fac4d70d3db7557ee7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InterlockedExchange
GetCommandLineA
CreateMutexA
GlobalFree
CloseHandle
GetExitCodeProcess
ResumeThread
CreateEventA
GlobalSize
LocalFree
ResetEvent
WriteFile
GetPrivateProfileIntW
GetModuleHandleW
GetEnvironmentVariableW
GetACP
GetStdHandle
ReleaseMutex
HeapCreate
lstrlenA

advapi32

ControlService
RegCreateKeyExW
IsTextUnicode
RegDeleteKeyA
RegQueryValueW
ClearEventLogW
CreateServiceA
CloseEventLog
RegDeleteValueA
IsValidSid
RegEnumKeyW
RegCloseKey
IsValidSecurityDescriptor

btpanui

DllCanUnloadNow
DllCanUnloadNow
DllCanUnloadNow
DllCanUnloadNow
DllCanUnloadNow

hdwwiz.cpl

InstallNewDevice

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 416KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 372KB - Virtual size: 371KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy