c320649e31a5029799a5fd4f915344c3c900184545bae26811d9f9e7c803dfe3 | Triage

Submit
Reports

Overview

overview

Static

static

c320649e31...e3.exe

windows7-x64

c320649e31...e3.exe

windows10-2004-x64

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

c320649e31a5029799a5fd4f915344c3c900184545bae26811d9f9e7c803dfe3.exe

Resource

win7-20220812-en

metasploit backdoor persistence trojan

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

c320649e31a5029799a5fd4f915344c3c900184545bae26811d9f9e7c803dfe3.exe

Resource

win10v2004-20220812-en

metasploit backdoor persistence trojan

windows10-2004-x64

8 signatures

150 seconds

General

Target

c320649e31a5029799a5fd4f915344c3c900184545bae26811d9f9e7c803dfe3
Size

1.1MB
MD5

0dd1b11900bce8cf01e877e97348d59e
SHA1

bc48a059a72ada65f10e0660d0f6b50fa6c392da
SHA256

c320649e31a5029799a5fd4f915344c3c900184545bae26811d9f9e7c803dfe3
SHA512

89a50fb10270e36ef930988a78adc32254b5e411ff26c6d97dcc11466bc658ac203a9dd398aed0eca0659c128b7417893be96c3bbf1cfaafee713eeeecbcfaa7
SSDEEP

1536:QejIoZm4+RRyokYMMHYirCX7QTW3j/VFVi/MV2CJMfd:QejIoZJdorMM5rm7CW3j/j4SA

Score

N/A

Malware Config

Signatures

Files

c320649e31a5029799a5fd4f915344c3c900184545bae26811d9f9e7c803dfe3
.exe windows x86

a8ba83904b8e0c4a3e425eca1920aaaa

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleFileNameW
GetCommandLineW
GetStartupInfoW
GetCurrentProcess
CloseHandle
WriteFile
CreateFileA
ExitProcess
SetFileAttributesW
Module32First
CreateToolhelp32Snapshot
GetProcAddress
LoadLibraryA
LocalFree
GetLastError
FindClose
OutputDebugStringA
FindResourceA
LoadResource
SizeofResource
Sleep
GetFileAttributesW
MultiByteToWideChar
HeapFree
HeapAlloc
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
TerminateProcess
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
RtlUnwind
GetStringTypeA
GetStringTypeW
GetCPInfo
GetACP
GetOEMCP
LCMapStringA
LCMapStringW

advapi32

BuildExplicitAccessWithNameA
SetEntriesInAclA
SetSecurityInfo
InitializeAcl

Sections

.text
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 55KB - Virtual size: 184KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy