e1f46ed6dfc838b8f1fc4efdd31418b4130dfd245915bbb4d263683436a88d3f | Triage

Submit
Reports

Overview

overview

Static

static

e1f46ed6df...3f.exe

windows7-x64

e1f46ed6df...3f.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

e1f46ed6dfc838b8f1fc4efdd31418b4130dfd245915bbb4d263683436a88d3f.exe

Resource

win7-20220901-en

evasion persistence trojan

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

e1f46ed6dfc838b8f1fc4efdd31418b4130dfd245915bbb4d263683436a88d3f.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

e1f46ed6dfc838b8f1fc4efdd31418b4130dfd245915bbb4d263683436a88d3f
Size

411KB
MD5

2bf4035cdf1fe57c90d9215575f70719
SHA1

9557ec50b16286a9199dcc211fe660fc3e70e2f3
SHA256

e1f46ed6dfc838b8f1fc4efdd31418b4130dfd245915bbb4d263683436a88d3f
SHA512

da0086d6890ef2c2d44c52db653bd696b7a6c094e8e167269e53943531b919f552594044a4b2ae04021b4a450409de5de2b97588d55a6a39a520cba903098e4f
SSDEEP

6144:DcdyBAQXQdzuTJ4UC9A5nDVFc/hn/H3WWQwwPk06337xiSmkc99AkEj9:Dc9qTJ4UA+AlP4Pk3H17mkiGzJ

Score

N/A

Malware Config

Signatures

Files

e1f46ed6dfc838b8f1fc4efdd31418b4130dfd245915bbb4d263683436a88d3f
.exe windows x86

ae9c2ea31fe7a5e9da8d32c721a5e5b0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetFileAttributesA
GetLocaleInfoW
MapViewOfFile
GetTickCount
GetStringTypeA
SetLastError
GetCurrentProcess
GetModuleHandleA
FindResourceW
HeapFree
LocalLock
GetExitCodeThread
SuspendThread
RemoveDirectoryW
FindClose
TlsGetValue
VirtualProtect
GetFileAttributesA
CreateDirectoryW
SetPriorityClass
IsValidCodePage

user32

DefDlgProcA
GetWindowTextW
wsprintfW
LoadCursorA
PostMessageW
GetWindowLongW
PeekMessageW
DispatchMessageA
SetCursor
LoadImageW
IsDialogMessageA
SetFocus
IsWindow

msctf

DllUnregisterServer
TF_InitSystem
DllCanUnloadNow
DllUnregisterServer

rasapi32

DwRasUninitialize

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 247KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 400KB - Virtual size: 640KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.import
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy