7a56b95e42d239933480f045cbe97bc7fcb44db980bd208c3bdb802aaaa64944 | Triage

Submit
Reports

Overview

overview

Static

static

7a56b95e42...44.exe

windows7-x64

7a56b95e42...44.exe

windows10-2004-x64

3

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

7a56b95e42d239933480f045cbe97bc7fcb44db980bd208c3bdb802aaaa64944.exe

Resource

win7-20220812-en

evasion persistence trojan

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

7a56b95e42d239933480f045cbe97bc7fcb44db980bd208c3bdb802aaaa64944.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

7a56b95e42d239933480f045cbe97bc7fcb44db980bd208c3bdb802aaaa64944
Size

390KB
MD5

08d15fc82786af0f9f02df94b49e1f82
SHA1

c170fe9fd652695073285b86786bf744c5c1a0d1
SHA256

7a56b95e42d239933480f045cbe97bc7fcb44db980bd208c3bdb802aaaa64944
SHA512

a7fd2969b0e5d87a692fa2e986d0b76de982dd326db5d597ef6c22da5fb56747558ce434933efa6dfdaab1e62c3da386baa5fc8800da77c8179fd07f7608ad37
SSDEEP

6144:XqwD+X1xQatU+1CEJp4XEt8l3aw9Y6zfJvkeitTDYWMtrDVmCfNuI2RINhoDPnr:ZO1xm+QoK0t4K3gCTDYWGrYzt+NST

Score

N/A

Malware Config

Signatures

Files

7a56b95e42d239933480f045cbe97bc7fcb44db980bd208c3bdb802aaaa64944
.exe windows x86

d789428ee819e67da44fc62977bf1423

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemTime
GetCommandLineW
ResetEvent
CloseHandle
FindVolumeClose
CreateFileA
Sleep
LocalUnlock
LocalFree
GetTickCount
lstrlenA
LoadLibraryW
HeapCreate
FormatMessageA
UnmapViewOfFile
GetDiskFreeSpaceA
GetComputerNameA
CreateThread
SetLastError
GetModuleHandleA

user32

DrawMenuBar
CallWindowProcA
IsWindow
SetFocus
FillRect
CheckRadioButton
GetComboBoxInfo
DrawEdge
GetDC
CreateWindowExA
DispatchMessageA
GetDlgItem
DrawStateA

advapi32

RegCloseKey
RegEnumValueA
IsTokenUntrusted
FreeSid
RegDeleteKeyA

hdwwiz.cpl

AddHardwareWizard

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 732KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy