1347a4ebd1928927088af64792de83cf937969bbe81dabfc8812c850ac3059c0 | Triage

Submit
Reports

Overview

overview

Static

static

1347a4ebd1...c0.exe

windows7-x64

1347a4ebd1...c0.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

1347a4ebd1928927088af64792de83cf937969bbe81dabfc8812c850ac3059c0.exe

Resource

win7-20220812-en

gh0strat persistence rat

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

1347a4ebd1928927088af64792de83cf937969bbe81dabfc8812c850ac3059c0.exe

Resource

win10v2004-20221111-en

gh0strat persistence rat

windows10-2004-x64

8 signatures

150 seconds

General

Target

1347a4ebd1928927088af64792de83cf937969bbe81dabfc8812c850ac3059c0
Size

142KB
MD5

89fee6970e012d524a423edced8683cf
SHA1

d6fa054a1630b0658a11506e6a07715c3926d861
SHA256

1347a4ebd1928927088af64792de83cf937969bbe81dabfc8812c850ac3059c0
SHA512

31fc6aa2e3bc2a8d5a0d088fa48490de5ed2f0020fa387cadba5ad815b18e337d44dc83e03bbd728409f4e8f8db8554c1b3965679a80ae4d669d3c728117690e
SSDEEP

3072:s5rOEUe4wssC7A0PzLJwg3XhPTXRjjZ60+nimIxFNZSPxWNMBE:ntJAWlwgHhrRjjV+nimeMi

Score

N/A

Malware Config

Signatures

Files

1347a4ebd1928927088af64792de83cf937969bbe81dabfc8812c850ac3059c0
.exe windows x86

75cd2ff4db3323e1be90d256364cc393

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
VirtualProtect
VirtualFree
HeapAlloc
GetProcessHeap
GetProcAddress
LoadLibraryA
IsBadReadPtr

msvcrt

??2@YAPAXI@Z
realloc
_stricmp
__CxxFrameHandler
calloc
free
??3@YAXPAX@Z

Exports

Exports

Hfs

Sections

.text
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 99KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 25KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy