da5fbf903c541a1126a81a48babfac264d7da6855d0fa408351793e7cf55cdd1 | Triage

Submit
Reports

Overview

overview

Static

static

da5fbf903c...d1.exe

windows7-x64

da5fbf903c...d1.exe

windows10-2004-x64

1

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

da5fbf903c541a1126a81a48babfac264d7da6855d0fa408351793e7cf55cdd1.exe

Resource

win7-20220812-en

evasion persistence trojan

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

da5fbf903c541a1126a81a48babfac264d7da6855d0fa408351793e7cf55cdd1.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

da5fbf903c541a1126a81a48babfac264d7da6855d0fa408351793e7cf55cdd1
Size

394KB
MD5

81840c5cf17ba8e7a83f8c435bbc8770
SHA1

f32c39fd218cd12404945912600c5b066964a724
SHA256

da5fbf903c541a1126a81a48babfac264d7da6855d0fa408351793e7cf55cdd1
SHA512

9c9c43a281919c49e7ab82ab5b052c7d287459ceb26f5c597692105477c9dec18fe75f284377ebc83b7c1bc133d238c3735c2d5277c84ae74fe423bca8d0b215
SSDEEP

12288:2Nd9ZGh1fVqQt89e9fCzjPeJ/m9WY03xo0:QzZGPfsQRkzjUCl0xo

Score

N/A

Malware Config

Signatures

Files

da5fbf903c541a1126a81a48babfac264d7da6855d0fa408351793e7cf55cdd1
.exe windows x86

8648ebf7ce78d62e0cb0c407bcabdc2f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetFileAttributesA
lstrcpyW
GetLastError
lstrlenW
SuspendThread
IsDebuggerPresent
WriteConsoleW
GetStartupInfoA
GetPriorityClass
WriteConsoleW
HeapCreate
WriteConsoleW
GetStdHandle
GetCurrentDirectoryA
ClearCommBreak
CopyFileW
CreatePipe
CloseHandle
DisconnectNamedPipe
SetEvent

msftedit

RichComboBoxWndProc
RichListBoxWndProc
SetCustomTextOutHandlerEx
RichEditWndProc

shell32

DllUnregisterServer
ShellAboutA
ExtractIconA
DragFinish
DragAcceptFiles
DuplicateIcon
SHGetDiskFreeSpaceA
SHGetMalloc
StrChrA
DragQueryFileA
SHFree
SHGetSettings
ShellMessageBoxA

msasn1

ASN1BERDecBool

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 752B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 385KB - Virtual size: 884KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.orpc
Size: 512B - Virtual size: 132B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy