bb1a7aa877968f9b9189ccce950eb0464e37f524f1eb68dae22961b3ee1eb696 | Triage

Submit
Reports

Overview

overview

Static

static

bb1a7aa877...96.exe

windows7-x64

bb1a7aa877...96.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

bb1a7aa877968f9b9189ccce950eb0464e37f524f1eb68dae22961b3ee1eb696.exe

Resource

win7-20220812-en

gh0strat persistence rat

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

bb1a7aa877968f9b9189ccce950eb0464e37f524f1eb68dae22961b3ee1eb696.exe

Resource

win10v2004-20220901-en

gh0strat persistence rat

windows10-2004-x64

7 signatures

150 seconds

General

Target

bb1a7aa877968f9b9189ccce950eb0464e37f524f1eb68dae22961b3ee1eb696
Size

984KB
MD5

002ff2b3f348684476ab53584695a857
SHA1

f9e7f25d148e4b4fff0b5b58de1dd1904fe14128
SHA256

bb1a7aa877968f9b9189ccce950eb0464e37f524f1eb68dae22961b3ee1eb696
SHA512

0e00ea122e077ed980d27fd958a43ff734377111ca7ed0f7c65c76adf6765b3dc8480c1a2552216529253d836397edee54a6a66c1047b226d313ad8ab5b99dc7
SSDEEP

24576:Dt0vlRJgmKUQx+kuVhFTOVp1lGG1hgONmXTf60jNGYjYC2j:8vi7jUkuVh6XlXhHNmXT9jNGSd2j

Score

N/A

Malware Config

Signatures

Files

bb1a7aa877968f9b9189ccce950eb0464e37f524f1eb68dae22961b3ee1eb696
.exe windows x86

befc046433489307af54f3fa2cbe6207

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentThreadId

user32

PostThreadMessageA

advapi32

CloseServiceHandle

msvcrt

??1type_info@@UAE@XZ

iphlpapi

GetAdaptersInfo

psapi

GetMappedFileNameW

Sections

.text
Size: 60KB - Virtual size: 116KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 918KB - Virtual size: 920KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy