91d60964d55d89eb5cb13801b5c11c203f655fefa6871d5f4e1ebd35d4d65655 | Triage

Submit
Reports

Overview

overview

Static

static

91d60964d5...55.exe

windows7-x64

91d60964d5...55.exe

windows10-2004-x64

1

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

91d60964d55d89eb5cb13801b5c11c203f655fefa6871d5f4e1ebd35d4d65655.exe

Resource

win7-20220812-en

evasion persistence trojan

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

91d60964d55d89eb5cb13801b5c11c203f655fefa6871d5f4e1ebd35d4d65655.exe

Resource

win10v2004-20221111-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

91d60964d55d89eb5cb13801b5c11c203f655fefa6871d5f4e1ebd35d4d65655
Size

499KB
MD5

e123e046e3abd48a95b552b41b75a44d
SHA1

8c4952de25385fa3e38032c711d4a2505de3aee3
SHA256

91d60964d55d89eb5cb13801b5c11c203f655fefa6871d5f4e1ebd35d4d65655
SHA512

76722ecb00c54776813de019bf52be7c8d08ae13b6f56a08b7b54660af79408a7c092aa848707b56e25baaf858e1b0e89ae6c30dd8d4db931d04b4973b765ca6
SSDEEP

6144:UzXhvkZ8gulzV2V9/H5DTwaHd6dcNiXPnpUTJPyd+MElqwkp7:yxMZu2z96dcYXPnpcJPydjZ

Score

N/A

Malware Config

Signatures

Files

91d60964d55d89eb5cb13801b5c11c203f655fefa6871d5f4e1ebd35d4d65655
.exe windows x86

0d2dc015400a5c48997a1c6ab4b31c4b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrlenA
GetStartupInfoA
GetACP
GetModuleHandleA
CreateFileA
HeapCreate
CreateFileMappingA
PulseEvent
CancelIo
IsBadStringPtrA
ResumeThread
DeviceIoControl
GetDriveTypeA
IsDebuggerPresent
TlsAlloc
GetModuleFileNameA
SuspendThread
DeleteFileA
TlsGetValue
ReleaseMutex

user32

PeekMessageA
GetIconInfo
DestroyWindow
LoadImageA
GetWindowLongA
DestroyMenu
IsWindow
DispatchMessageA
DrawTextW
CallWindowProcW
IsZoomed
DispatchMessageA
FindWindowW

amstream

DllRegisterServer
DllRegisterServer
DllRegisterServer
DllRegisterServer

cryptui

LocalEnroll

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 408KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 491KB - Virtual size: 490KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy