d6839c6cb7d338a112094b02b04c8622b653cd15425ff58e9dabc38f4a69bab0 | Triage

Submit
Reports

Overview

overview

Static

static

d6839c6cb7...b0.exe

windows7-x64

d6839c6cb7...b0.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

d6839c6cb7d338a112094b02b04c8622b653cd15425ff58e9dabc38f4a69bab0.exe

Resource

win7-20220812-en

evasion persistence trojan

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

d6839c6cb7d338a112094b02b04c8622b653cd15425ff58e9dabc38f4a69bab0.exe

Resource

win10v2004-20220812-en

evasion persistence trojan

windows10-2004-x64

11 signatures

150 seconds

General

Target

d6839c6cb7d338a112094b02b04c8622b653cd15425ff58e9dabc38f4a69bab0
Size

434KB
MD5

8422cc441fbe6e7f7d3feb9b1d4b0546
SHA1

cc4e7d43b9ef296e13d6da4d9d52d9b628773ee5
SHA256

d6839c6cb7d338a112094b02b04c8622b653cd15425ff58e9dabc38f4a69bab0
SHA512

4bcad391901e2f20ecd2171b636bdbe54b0fc3f341d2da5d27386e33e59bcd17ebd8b8f132e0a737f0f38cb80ef8b4950b8b892939da2115c4943f27fecfc43c
SSDEEP

12288:72/R6PiZLaoc+q40ZR6z3/VjzxPRshoQQ6emnnLA:72pPZLaClW4z3/V5uZQSn8

Score

N/A

Malware Config

Signatures

Files

d6839c6cb7d338a112094b02b04c8622b653cd15425ff58e9dabc38f4a69bab0
.exe windows x86

3c35c65fb6ac617891bbc72061e69b3b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
RemoveDirectoryW
GetTickCount
ReleaseMutex
GetEnvironmentVariableW
OpenProcess
CreateMutexW
FindClose
GetFileAttributesA
GetStdHandle
HeapCreate
SetLastError
GetStartupInfoW
WaitForSingleObject
CloseHandle
WaitForMultipleObjects
GetTickCount
ExitProcess
CreateFileA
GetConsoleTitleW
GetCurrentDirectoryA
Sleep
HeapSize
DeleteFileA
GetLocalTime

user32

MessageBoxA
GetSysColor
DispatchMessageW
FillRect
GetDC
DispatchMessageW
PeekMessageA
FindWindowW
GetDC
GetDC
GetWindowLongA
CallWindowProcW
GetClassInfoA

vbajet32

VBAGetExprSrv
VBAGetExprSrv
VBAGetExprSrv
VBAGetExprSrv

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 624KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 428KB - Virtual size: 427KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy