88000ae5ffc5fd237efe418966cab9bf20234a0fd3e16b3d89a59cf2eaf0f9f9 | Triage

Submit
Reports

Overview

overview

Static

static

88000ae5ff...f9.exe

windows7-x64

88000ae5ff...f9.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

88000ae5ffc5fd237efe418966cab9bf20234a0fd3e16b3d89a59cf2eaf0f9f9.exe

Resource

win7-20220812-en

evasion persistence trojan

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

88000ae5ffc5fd237efe418966cab9bf20234a0fd3e16b3d89a59cf2eaf0f9f9.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

88000ae5ffc5fd237efe418966cab9bf20234a0fd3e16b3d89a59cf2eaf0f9f9
Size

389KB
MD5

920ca16c5dbe9e54bf91abd547ddf6c0
SHA1

baa6b99b42d0fdfe02c13adb5d1410cdf850ef80
SHA256

88000ae5ffc5fd237efe418966cab9bf20234a0fd3e16b3d89a59cf2eaf0f9f9
SHA512

2ade6490e2429307c1aef8cb820b25091f26a1bef05fc82762f92fe916f4f962db70e0572ad18c62d7ea87daffa81b6e54619cdc690d69dbd21547e037d506ff
SSDEEP

6144:WRAmte0N3bYeKw2Dido9g1Suu1nwtcsA9wr9hbXLIvWBbmuA5Pwf:WRAj0hz2g1SV1nwtcsCUhbXLIvqKuA+

Score

N/A

Malware Config

Signatures

Files

88000ae5ffc5fd237efe418966cab9bf20234a0fd3e16b3d89a59cf2eaf0f9f9
.exe windows x86

0160dbde4db4f21e23e565be5f71d051

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

OpenMutexA
GlobalFlags
GetTickCount
CreateFileW
GetFileAttributesA
VirtualProtectEx
OpenEventW
LeaveCriticalSection
GetConsoleMode
HeapDestroy
SetFileTime
PulseEvent
InterlockedExchange
GetModuleHandleA
FindAtomW
DeleteFileW
GetProcessVersion
GetCurrentThreadId
GetVolumePathNameA
CreateFileW
SetFilePointer
DeleteFileW
CreateDirectoryA
GetModuleFileNameA
GetDriveTypeW

user32

MessageBoxA
GetWindowLongA
DestroyMenu
IsMenu
DestroyIcon
LoadCursorA
GetWindowTextA
SetRect
DispatchMessageA
PeekMessageA
wsprintfA
GetWindowLongA
SetFocus

dot3msm

Dot3MsmDisconnect
Dot3MsmDeInit
Dot3MsmFreeProfile
DllMain

advapi32

IsValidAcl

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 380KB - Virtual size: 920KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy