d330185dbb85eb51dbb74fab1b0191d60d6da2fd43a5303aa00c830fd0c6c76f | Triage

Submit
Reports

Overview

overview

Static

static

d330185dbb...6f.exe

windows7-x64

d330185dbb...6f.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

d330185dbb85eb51dbb74fab1b0191d60d6da2fd43a5303aa00c830fd0c6c76f.exe

Resource

win7-20220901-en

evasion persistence trojan

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

d330185dbb85eb51dbb74fab1b0191d60d6da2fd43a5303aa00c830fd0c6c76f.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

d330185dbb85eb51dbb74fab1b0191d60d6da2fd43a5303aa00c830fd0c6c76f
Size

385KB
MD5

822e64661b3f42341d18e24d8f159e84
SHA1

8f629befdd6f3d7f8522c740f0b62e15fdd1b745
SHA256

d330185dbb85eb51dbb74fab1b0191d60d6da2fd43a5303aa00c830fd0c6c76f
SHA512

254c9246d1323fcc5d08cfb7b1cc83eceddfd5f3bca92f47ab6c5323a624f0c2bc8f66f90753dcfeb2c2883f50de7a150f076dcf6c8588ddc29c50b899f364b3
SSDEEP

6144:2V8HuvgQBOi1KGZ7Njs4WO3uimJhBiX8zTM3zrKAO22j:2SuoQv1PhNjsiDMkzrT

Score

N/A

Malware Config

Signatures

Files

d330185dbb85eb51dbb74fab1b0191d60d6da2fd43a5303aa00c830fd0c6c76f
.exe windows x86

9e57c1314357f3b97f48232eb76c5388

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteFile
ResetEvent
FindVolumeClose
ResumeThread
GetPrivateProfileIntW
InterlockedExchange
GetModuleHandleW
GetACP
LocalFree
lstrlenA
CreateEventA
CloseHandle
GetCommandLineA
VirtualAlloc
GetExitCodeProcess
GlobalSize
GlobalFree
GetStdHandle
CreateMutexA
GetEnvironmentVariableW

advapi32

IsTextUnicode
ControlService
CreateServiceA
RegDeleteValueA
RegQueryValueA
LsaClose
RegDeleteKeyA
IsValidAcl
IsValidSid
RegCloseKey
RegCreateKeyExA
ClearEventLogA
RegEnumKeyA

mspatcha

ApplyPatchToFileA
GetFilePatchSignatureA
GetFilePatchSignatureA
GetFilePatchSignatureA
GetFilePatchSignatureA

sysdm.cpl

NoExecuteAddFileOptOutList

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 412KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 375KB - Virtual size: 375KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy