4bc2656e41d84253d6ad4810eedaef51620bacc6cb361a796a77aff6a05acde3 | Triage

Submit
Reports

Overview

overview

Static

static

4bc2656e41...e3.exe

windows7-x64

4bc2656e41...e3.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

4bc2656e41d84253d6ad4810eedaef51620bacc6cb361a796a77aff6a05acde3.exe

Resource

win7-20220812-en

evasion persistence trojan

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

4bc2656e41d84253d6ad4810eedaef51620bacc6cb361a796a77aff6a05acde3.exe

Resource

win10v2004-20220812-en

evasion persistence trojan

windows10-2004-x64

11 signatures

150 seconds

General

Target

4bc2656e41d84253d6ad4810eedaef51620bacc6cb361a796a77aff6a05acde3
Size

433KB
MD5

053f2670d84521f843aa84c1d1a25db0
SHA1

b9567fe74b30bce8c61a7f6e835644524f2f34b3
SHA256

4bc2656e41d84253d6ad4810eedaef51620bacc6cb361a796a77aff6a05acde3
SHA512

0ae57c7fb98046c1995a18fb18e37822583fee973464ff89bf13bd345a38af6e003b9823a9fbbc8b411132443e07e1f0ac0a2d95f2c68a98d13d71179a0f3990
SSDEEP

12288:VcZJSi6FBCRfSuR+ybSMLPytF7R5eVc0K:mZJSRCfJtbSML2R5Ac

Score

N/A

Malware Config

Signatures

Files

4bc2656e41d84253d6ad4810eedaef51620bacc6cb361a796a77aff6a05acde3
.exe windows x86

e2c7637f2211ebd889d0a2efb90db07c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Sleep
CloseHandle
RemoveDirectoryW
OpenThread
WaitForMultipleObjects
GetEnvironmentVariableA
CreateFileA
GetCurrentDirectoryA
SetLastError
GetTickCount
GetStdHandle
CreateMutexW
HeapSize
GetStartupInfoW
GetTickCount
ReleaseMutex
ExitProcess
GetLocalTime
WaitForSingleObject
DeleteFileA
FindClose
HeapCreate
GetFileSize
GetModuleHandleA
GetFileAttributesW

user32

GetDC
GetSysColor
GetDC
GetDC
DispatchMessageW
CallWindowProcW
GetClassInfoA
GetDC
GetCursorPos
PeekMessageA
DispatchMessageW
MessageBoxA
GetWindowLongA

wshcon

DllCanUnloadNow
DllCanUnloadNow
DllCanUnloadNow
DllCanUnloadNow

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 624KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 428KB - Virtual size: 427KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy