eceffbae4a2e2256ca748a0bbeaef3ba01ca623d2b3d9539983982bb8e019134 | Triage

Submit
Reports

Overview

overview

Static

static

eceffbae4a...34.exe

windows7-x64

eceffbae4a...34.exe

windows10-2004-x64

3

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

eceffbae4a2e2256ca748a0bbeaef3ba01ca623d2b3d9539983982bb8e019134.exe

Resource

win7-20220901-en

evasion persistence trojan

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

eceffbae4a2e2256ca748a0bbeaef3ba01ca623d2b3d9539983982bb8e019134.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

eceffbae4a2e2256ca748a0bbeaef3ba01ca623d2b3d9539983982bb8e019134
Size

365KB
MD5

1a0e6681815f965565ba1a53665b621d
SHA1

280a2f017575bf6a36983553f0bca307bd93f601
SHA256

eceffbae4a2e2256ca748a0bbeaef3ba01ca623d2b3d9539983982bb8e019134
SHA512

11108ba0d8e47b09c8cc07426d9b55506a78b5f1e934b73a505d1b8d5d3d7fd9b25b721ee0ba44dbd8f3f30446e3b927a8df2b2a6d764dca5162bf960f74c182
SSDEEP

6144:jPDRMaa4hib4j8jf51Qx7O6bcLehsEwkoK/6ERdFQJdlMu6lb/01apjbV6m8lL:HRM1x4ojf51aTcK0NEQUd0op3QlL

Score

N/A

Malware Config

Signatures

Files

eceffbae4a2e2256ca748a0bbeaef3ba01ca623d2b3d9539983982bb8e019134
.exe windows x86

1eeedd8dd903f22a3c465308370af54d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindClose
GetCurrentThreadId
FindAtomW
LocalFree
GetCurrentProcessId
GetConsoleAliasW
GetDriveTypeW
ReadFile
SetEvent
CreateMailslotA
GetModuleHandleA
ResumeThread
EnterCriticalSection
GetModuleFileNameA
HeapCreate
GetFileAttributesA
GlobalFree
EnumCalendarInfoW
GetPrivateProfileStringW
SetLastError

user32

GetSysColor
GetKeyboardType
GetMenuInfo
GetCursorInfo
GetClassInfoA
SetFocus
DrawTextW
DispatchMessageA
GetClientRect
IsWindow
CallWindowProcW
DispatchMessageA
GetKeyState

asycfilt

DllCanUnloadNow
DllCanUnloadNow
DllCanUnloadNow
DllCanUnloadNow
DllCanUnloadNow

msasn1

ASN1BERDecBool

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 496KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 355KB - Virtual size: 354KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy