6ffaa374cfa9504b061b52a353913c6c120bd4fe43e1a79f69fba7f964e30a4e | Triage

Submit
Reports

Overview

overview

8

Static

static

6ffaa374cf...4e.exe

windows7-x64

8

6ffaa374cf...4e.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

6ffaa374cfa9504b061b52a353913c6c120bd4fe43e1a79f69fba7f964e30a4e.exe

Resource

win7-20221111-en

evasion persistence trojan

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

6ffaa374cfa9504b061b52a353913c6c120bd4fe43e1a79f69fba7f964e30a4e.exe

Resource

win10v2004-20221111-en

evasion persistence trojan

windows10-2004-x64

5 signatures

150 seconds

General

Target

6ffaa374cfa9504b061b52a353913c6c120bd4fe43e1a79f69fba7f964e30a4e
Size

144KB
MD5

df895e6479abf85c4c65d7d3a2451ddb
SHA1

d61ee0b0d4ed95f3300735c81740a21b8beef337
SHA256

6ffaa374cfa9504b061b52a353913c6c120bd4fe43e1a79f69fba7f964e30a4e
SHA512

76ae086876f273f959d200c0bdbf5dda2e5550467b97a81f1dd58acba4cf8a22a3be4d2206922eb761ef907bf0f3c62e29f46fda46687d4487c83cf9cd5918e8
SSDEEP

3072:CM6URDmtFYVzL5olyoJGV72t+0X6GwLmhmGoi6pjz+hHB:CMslyoGVg+26G7Avqh

Score

N/A

Malware Config

Signatures

Files

6ffaa374cfa9504b061b52a353913c6c120bd4fe43e1a79f69fba7f964e30a4e
.exe windows x86

8a7616dbd1f925d54cbc9d0d42a7147c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileA
FreeLibrary
HeapAlloc
HeapFree
GetProcessHeap
WriteFile
ReadFile
FindFirstFileA
GetProcAddress
LoadLibraryA
CloseHandle
GetTempPathA
DeleteFileA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlUnwind
IsProcessorFeaturePresent

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.idata
Size: 125KB - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy