ef4b3ffc69ecf69409ae39f13507a9b4ad8aa010e6b1bf90080375031fc3ccf6 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

ef4b3ffc69...f6.exe

windows7-x64

ef4b3ffc69...f6.exe

windows10-2004-x64

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

ef4b3ffc69ecf69409ae39f13507a9b4ad8aa010e6b1bf90080375031fc3ccf6.exe

Resource

win7-20220812-en

imminent spyware trojan

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

ef4b3ffc69ecf69409ae39f13507a9b4ad8aa010e6b1bf90080375031fc3ccf6.exe

Resource

win10v2004-20220812-en

imminent spyware trojan

windows10-2004-x64

11 signatures

150 seconds

General

Target

ef4b3ffc69ecf69409ae39f13507a9b4ad8aa010e6b1bf90080375031fc3ccf6
Size

272KB
MD5

e87802adc9385a9960d4d505bf9777ee
SHA1

8acf181bcd2aa1288d454c980ceb67df235f8b07
SHA256

ef4b3ffc69ecf69409ae39f13507a9b4ad8aa010e6b1bf90080375031fc3ccf6
SHA512

ab1638215883d084a78471a0594be0e062d521e13231e495b17266dd5317c3af590153c4ef813d173c14afd70e9528499b3387a6ab0e2445ebf17cef2ba3548b
SSDEEP

6144:/DzXdjKLCXJnmlrroy1pvj7WjDiuFCNBL/Yctlm:fJgCXJnmVnbXWjOGu1AIm

Score

N/A

Malware Config

Signatures

Files

ef4b3ffc69ecf69409ae39f13507a9b4ad8aa010e6b1bf90080375031fc3ccf6
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Code Sign

2f:d9:13:0f:6a:cc:51:87:4f:2b:6c:49:be:05:e4:4d
Certificate

Issuer

CN={75F8BB5A-A5BE-4EED-BD1C-7F6E55702F48}

Not Before

24/05/2014, 21:19

Not After

25/05/2015, 03:19

Subject

CN={75F8BB5A-A5BE-4EED-BD1C-7F6E55702F48}

a1:1a:60:ea:df:b0:93:da:e7:7f:20:46:fa:05:7a:3b:f5:a2:9f:24
Signer

Actual PE Digest

a1:1a:60:ea:df:b0:93:da:e7:7f:20:46:fa:05:7a:3b:f5:a2:9f:24

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN={75F8BB5A-A5BE-4EED-BD1C-7F6E55702F48}

24/11/2022, 14:54
Valid: false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 269KB - Virtual size: 269KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy