1f3a2c4540f1e70c8c8875226de087bfbf1043eb6f73ed0a11b144d493c89966 | Triage

Submit
Reports

Overview

overview

8

Static

static

1f3a2c4540...66.exe

windows7-x64

8

1f3a2c4540...66.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

1f3a2c4540f1e70c8c8875226de087bfbf1043eb6f73ed0a11b144d493c89966.exe

Resource

win7-20220901-en

discovery evasion persistence

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

1f3a2c4540f1e70c8c8875226de087bfbf1043eb6f73ed0a11b144d493c89966.exe

Resource

win10v2004-20220812-en

discovery evasion persistence

windows10-2004-x64

10 signatures

150 seconds

General

Target

1f3a2c4540f1e70c8c8875226de087bfbf1043eb6f73ed0a11b144d493c89966
Size

268KB
MD5

93ef2c8b32b7e18401439ce8e1778c4e
SHA1

00fc84ef1e88705e61d01c10ce95b815ef2f393c
SHA256

1f3a2c4540f1e70c8c8875226de087bfbf1043eb6f73ed0a11b144d493c89966
SHA512

4efbb8c2efe87736ad2003d65a0955c867ee8e75e48529a3fd4d3440e4e521945905a3774ccf3ef210cd47b4ef3b0f0a29149180626dc5358fe7f5d5cc12911c
SSDEEP

3072:AIad1camA0ZA43dwuX1J87IHQ9c7TsAkGvQs6xIHF:ANh47WI4ckAkGvQsaM

Score

N/A

Malware Config

Signatures

Files

1f3a2c4540f1e70c8c8875226de087bfbf1043eb6f73ed0a11b144d493c89966
.exe windows x86

65828aababdec739fe863375caa66cb2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

DrawStateA
GetDlgItemTextW
PeekMessageW
LoadBitmapA
PostMessageW
LoadCursorW
GetPropW
CreateDesktopW
IsZoomed
InsertMenuA
CharToOemA
DialogBoxParamA
IsZoomed

clbcatq

CoRegCleanup
SetSetupOpen

wtsapi32

WTSFreeMemory
WTSUnRegisterSessionNotification
WTSEnumerateProcessesA
WTSVirtualChannelClose
WTSSetSessionInformationW
WTSVirtualChannelQuery
WTSQueryUserToken
WTSVirtualChannelOpen
WTSWaitSystemEvent
WTSSetUserConfigW
WTSOpenServerW
WTSSendMessageA
WTSVirtualChannelWrite
WTSLogoffSession

kernel32

GetConsoleAliasW
GetDiskFreeSpaceA
WriteConsoleW
GetModuleHandleA
GetDriveTypeA
VirtualProtectEx
GetProcessId
WaitForSingleObject
LoadLibraryW
CreateFileMappingA
EncodePointer
GetPrivateProfileIntA
GetExitCodeProcess

Sections

.text
Size: 208KB - Virtual size: 207KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 40KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy