6c54e110dd29f082ce13dcd1e2a4ac2a700cc8b7c1bb51afe84ebad355e3689a | Triage

Submit
Reports

Overview

overview

Static

static

factura 009824.exe

windows7-x64

factura 009824.exe

windows10-2004-x64

7

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

factura 009824.exe

Resource

win7-20220812-en

bandook evasion persistence rat trojan

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

factura 009824.exe

Resource

win10v2004-20221111-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

6c54e110dd29f082ce13dcd1e2a4ac2a700cc8b7c1bb51afe84ebad355e3689a
Size

1.3MB
MD5

7282dde8f4e69bf9a0052619e9437f75
SHA1

ab5318514627783e106c108ae1f530f0b7b9f643
SHA256

6c54e110dd29f082ce13dcd1e2a4ac2a700cc8b7c1bb51afe84ebad355e3689a
SHA512

971d08fa409d5f5f7f02bd6f7f2eddea0056bf295764b41e1dfcbcb2429c066766719e7fd78fb772e3a71c0cce78b65b399a5b03214d3bb55cda6cb7b68da2fa
SSDEEP

24576:Dx7ByxTiTzAsAvRTHCNsPLkNiY2shReIXE9G06EJGmx59igUWekaFaqi652l:97IiYsQRhT6iY2shR7XP0DUmx5YgUTkh

Score

N/A

Malware Config

Signatures

Files

6c54e110dd29f082ce13dcd1e2a4ac2a700cc8b7c1bb51afe84ebad355e3689a
.zip
factura 009824.exe
.exe windows x86

96a5988e559d34ed85930fa142f118a8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetLocaleInfoA

Sections

fzcsznwu
Size: 725KB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 205KB - Virtual size: 370KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

odhegcsv
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

dctwyqjv
Size: 731KB - Virtual size: 736KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

sbzrlwey
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2024

Terms | Privacy