c159b5aa580a18e53caae510ffee41ec2616939469a078eec257614649cd0c1c | Triage

Submit
Reports

Overview

overview

Static

static

c159b5aa58...1c.exe

windows7-x64

c159b5aa58...1c.exe

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

c159b5aa580a18e53caae510ffee41ec2616939469a078eec257614649cd0c1c.exe

Resource

win7-20220812-en

evasion persistence trojan

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

c159b5aa580a18e53caae510ffee41ec2616939469a078eec257614649cd0c1c.exe

Resource

win10v2004-20220901-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

c159b5aa580a18e53caae510ffee41ec2616939469a078eec257614649cd0c1c
Size

397KB
MD5

458274bd562efdfd3671eacc02be9c39
SHA1

e7a98dd9421d1ff9959bfe844b67b396c9b46c1b
SHA256

c159b5aa580a18e53caae510ffee41ec2616939469a078eec257614649cd0c1c
SHA512

4ffd77a9da9d15b74b75c2a5cd12d5230375c4eb7c4457ed6933362433ef518af6aa4ea27358ac13cc1b85e278488779e696419a9f42920e9eff1d72fae280a5
SSDEEP

12288:iMCTYNxsQbwneGs9Q7LPV+URm1cOrIF+AfWFg:sUNxsZneR4PVhRmmFYAf

Score

N/A

Malware Config

Signatures

Files

c159b5aa580a18e53caae510ffee41ec2616939469a078eec257614649cd0c1c
.exe windows x86

aea81519d09a18f602e968239647332e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

PulseEvent
GlobalUnlock
LocalFree
GetComputerNameA
lstrcpyA
UnmapViewOfFile
GetCommandLineA
lstrlenA
CloseHandle
GetModuleHandleA
GetCurrentDirectoryA
CreateProcessA
FindResourceW
CreateFileW
Sleep
GetCurrentThreadId
HeapCreate
SetLastError
FindClose
LoadLibraryExW

user32

DrawMenuBar
GetCaretPos
CheckRadioButton
GetDC
GetDlgItem
CreateIcon
CallWindowProcA
IsWindow
SetFocus
CreateWindowExA
FillRect
DispatchMessageA
DrawEdge

cryptui

WizardFree
LocalEnroll
CryptUIDlgSelectStoreA
CryptUIDlgSelectCA
CryptUIDlgCertMgr

msctf

TF_InitSystem

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 396KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 371KB - Virtual size: 372KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy