4134dfbc33d86cfce0fcf9d2b39c4a0ecfa1267d0f0cf188208886b010af6bb5 | Triage

Submit
Reports

Overview

overview

Static

static

4134dfbc33...b5.exe

windows7-x64

4134dfbc33...b5.exe

windows10-2004-x64

1

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

4134dfbc33d86cfce0fcf9d2b39c4a0ecfa1267d0f0cf188208886b010af6bb5.exe

Resource

win7-20220812-en

evasion persistence trojan

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

4134dfbc33d86cfce0fcf9d2b39c4a0ecfa1267d0f0cf188208886b010af6bb5.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

4134dfbc33d86cfce0fcf9d2b39c4a0ecfa1267d0f0cf188208886b010af6bb5
Size

392KB
MD5

816ace839705bfa93ed9200e44b6e400
SHA1

4ac2174c774836d57e1596c664dec7be144c757e
SHA256

4134dfbc33d86cfce0fcf9d2b39c4a0ecfa1267d0f0cf188208886b010af6bb5
SHA512

9806f6d34585f9a1d5f0c8995892e3dadcffdc9dcc3e321e3ea025c3e3d916034015c742f8049b56b4dee41b5ee9198231126e7363741b012ad2e7215218adf4
SSDEEP

6144:Acy70g2/ycos8Fk4NfVJ6fH92qsB9eoVnY80fej8TWVmsJ:Atgd/Is8Fkk9J6f8r1Yfej8Tw

Score

N/A

Malware Config

Signatures

Files

4134dfbc33d86cfce0fcf9d2b39c4a0ecfa1267d0f0cf188208886b010af6bb5
.exe windows x86

e971205794b8957f5d37b38533c996ff

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapCreate
CreateFileA
GetComputerNameA
LocalUnlock
CloseHandle
UnmapViewOfFile
CreateThread
SetLastError
GetTimeFormatA
FindVolumeClose
GetModuleHandleA
GetCurrentDirectoryA
GetSystemTime
SetEvent
LoadLibraryExW
GetTickCount
GetCommandLineW
LocalFree
Sleep
lstrlenA

user32

CallWindowProcA
GetKeyState
SetFocus
DispatchMessageA
CheckRadioButton
GetDC
GetComboBoxInfo
IsWindow
DrawMenuBar
DrawEdge
CreateWindowExA
GetDlgItem
FillRect

cryptui

CryptUIDlgSelectStoreA
LocalEnroll
CryptUIDlgCertMgr
WizardFree
CryptUIDlgSelectCA

inetcpl.cpl

OpenFontsDialog

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 732KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy