f02036dc1354e47bb1ed9f1b81a6626b01928a9f7dc24d24abd801f4ce5d657e | Triage

Submit
Reports

Overview

overview

Static

static

f02036dc13...7e.exe

windows7-x64

f02036dc13...7e.exe

windows10-2004-x64

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

f02036dc1354e47bb1ed9f1b81a6626b01928a9f7dc24d24abd801f4ce5d657e.exe

Resource

win7-20221111-en

xtremerat evasion persistence rat spyware

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

f02036dc1354e47bb1ed9f1b81a6626b01928a9f7dc24d24abd801f4ce5d657e.exe

Resource

win10v2004-20221111-en

xtremerat evasion persistence rat spyware

windows10-2004-x64

11 signatures

150 seconds

General

Target

f02036dc1354e47bb1ed9f1b81a6626b01928a9f7dc24d24abd801f4ce5d657e
Size

996KB
MD5

376830294e3248b64e3cc045379d866f
SHA1

da7c94266ae4703e1533b0bf55223c317b1e8dd4
SHA256

f02036dc1354e47bb1ed9f1b81a6626b01928a9f7dc24d24abd801f4ce5d657e
SHA512

b9b7d2f6cf171140cd0cb9c33f35be13ab2028ea852f52a16c3e361d65ccce5fb42dde74f4f53bfa6f536e9384d6709b80e3fed80c181dc0f7c48c110c90ca87
SSDEEP

24576:Ynp5kzfilDo0Vu5CZzTmgF9RS+gzEJeoGJ7ohnWepS3iG:QDaiDo0RzTbFgLoWD3z

Score

N/A

Malware Config

Signatures

Files

f02036dc1354e47bb1ed9f1b81a6626b01928a9f7dc24d24abd801f4ce5d657e
.exe windows x86

baa93d47220682c04d92f7797d9224ce

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpy

comctl32

InitCommonControls

Sections

Size: 24KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 992KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

josagapy
Size: 800KB - Virtual size: 800KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

opasqqff
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2024

Terms | Privacy