77e8c9237e35d00f33774f5aebd37606567b160ae615828796f372bf448a45be | Triage

Submit
Reports

Overview

overview

Static

static

77e8c9237e...be.exe

windows7-x64

77e8c9237e...be.exe

windows10-2004-x64

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

77e8c9237e35d00f33774f5aebd37606567b160ae615828796f372bf448a45be.exe

Resource

win7-20221111-en

xtremerat evasion persistence rat spyware upx

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

77e8c9237e35d00f33774f5aebd37606567b160ae615828796f372bf448a45be.exe

Resource

win10v2004-20221111-en

xtremerat evasion persistence rat spyware upx

windows10-2004-x64

12 signatures

150 seconds

General

Target

77e8c9237e35d00f33774f5aebd37606567b160ae615828796f372bf448a45be
Size

932KB
MD5

cbf6765e51d13344cb35aa29360e07e3
SHA1

31e94508068ac287116a802e7d9e9df110c7f2cf
SHA256

77e8c9237e35d00f33774f5aebd37606567b160ae615828796f372bf448a45be
SHA512

e0f70fccd9d0bdeb3547630550501af22943da9f1b18d5e83bc3f6981fef46b784f699f8f56c14bc7b6d30f01f39cbe5ab498aa4c2f58f169ad58c4f7e3c8a48
SSDEEP

24576:ZD1T+tIEhyZiEPVp+VSp2xsZ5/GAOIIYIG1cZIxv0XBN:l1TFv8EdTp7OAOIFZaZxz

Score

N/A

Malware Config

Signatures

Files

77e8c9237e35d00f33774f5aebd37606567b160ae615828796f372bf448a45be
.exe windows x86

baa93d47220682c04d92f7797d9224ce

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpy

comctl32

InitCommonControls

Sections

Size: 12KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 1000KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

uhiowapj
Size: 804KB - Virtual size: 804KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

nfppnznm
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2024

Terms | Privacy