154ea01c0789cc2bc0a9f02cd578601c88ffda0cbbdeaebb6b60554a178fef0f | Triage

Submit
Reports

Overview

overview

Static

static

154ea01c07...0f.exe

windows7-x64

154ea01c07...0f.exe

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

154ea01c0789cc2bc0a9f02cd578601c88ffda0cbbdeaebb6b60554a178fef0f.exe

Resource

win7-20220901-en

evasion persistence trojan

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

154ea01c0789cc2bc0a9f02cd578601c88ffda0cbbdeaebb6b60554a178fef0f.exe

Resource

win10v2004-20220901-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

154ea01c0789cc2bc0a9f02cd578601c88ffda0cbbdeaebb6b60554a178fef0f
Size

325KB
MD5

0bcf82e94ffd48ea14cc2e208b20db42
SHA1

f3e77f042bb4fa377dfeef47de46432fc00f3fce
SHA256

154ea01c0789cc2bc0a9f02cd578601c88ffda0cbbdeaebb6b60554a178fef0f
SHA512

94cac93f67bbb8a149af4ca6860327bc31c55f97bf4271499d18f118229cfd830bd0e26e5fae0c36764e33b3ba8fd888ac26a961025c8bc285086f1f92345ae4
SSDEEP

6144:5gpd5NG3XXnRI2RZfdM5rkVYIWNJnXyEtBfCvoK8CUmt6CAWctDpv:5gP/IXRIGdMNkiIEJnXWzbUVtWctDpv

Score

N/A

Malware Config

Signatures

Files

154ea01c0789cc2bc0a9f02cd578601c88ffda0cbbdeaebb6b60554a178fef0f
.exe windows x86

ba87c9638a5ebf28d3f26e6ebe20e664

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemTime
ResetEvent
GetCommandLineW
LocalFree
CreateFileA
HeapCreate
SetEvent
GetTickCount
GetComputerNameA
CloseHandle
GetExitCodeProcess
LoadLibraryW
GetModuleHandleA
FindAtomA
SuspendThread
TlsGetValue
CreateThread
SetLastError
GetFileAttributesA
GetDiskFreeSpaceW

advapi32

GetFileSecurityA
RegEnumValueA
CloseEventLog
GetLengthSid
RegDeleteKeyA
RegEnumKeyExA
CredFree
RegCreateKeyExA
GetUserNameW
IsTokenRestricted
RegQueryValueA
RegCloseKey
CreateServiceW

cryptui

WizardFree
CryptUIDlgCertMgr
LocalEnroll
CryptUIDlgSelectStoreA
CryptUIDlgSelectCA

powercfg.cpl

CPlApplet

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1KB - Virtual size: 428KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 315KB - Virtual size: 314KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy