1c5f1880e67428a729c7270955843b033952082a61f1883d63dbab7c73be33fb | Triage

Submit
Reports

Overview

overview

Static

static

1c5f1880e6...fb.exe

windows7-x64

1c5f1880e6...fb.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

1c5f1880e67428a729c7270955843b033952082a61f1883d63dbab7c73be33fb.exe

Resource

win7-20220812-en

luminosity persistence rat

windows7-x64

13 signatures

150 seconds

Behavioral task

behavioral2

Sample

1c5f1880e67428a729c7270955843b033952082a61f1883d63dbab7c73be33fb.exe

Resource

win10v2004-20220812-en

luminosity persistence rat

windows10-2004-x64

13 signatures

150 seconds

General

Target

1c5f1880e67428a729c7270955843b033952082a61f1883d63dbab7c73be33fb
Size

556KB
MD5

62ad200be66f60c0246959a0e71cdd74
SHA1

834e69d0a67896dd6a7f77bb6b649ca72794df94
SHA256

1c5f1880e67428a729c7270955843b033952082a61f1883d63dbab7c73be33fb
SHA512

2e726143f5d2674d00c7fbda000490bf54eac72881e1d79836a4b7604fda4d049b2363dfccca672f4d1166cd0d0846d5fe02820474b1376044cf415ec7d1e0a8
SSDEEP

12288:IVTRg2qDL2+gbf4BP7r9r/+ppppppppppppppppppppppppppppp0GZ:sT+Nkbf4B1qZ

Score

N/A

Malware Config

Signatures

Files

1c5f1880e67428a729c7270955843b033952082a61f1883d63dbab7c73be33fb
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Code Sign

Certificate

Issuer

CN=NSA.GOV,OU=USA Intelligence,O=NSA,L=Adidul,ST=Kurtkhla,C=af,1.2.840.113549.1.9.1=#0c0b636d64406e73612e676f76

Not Before

23/04/2015, 16:14

Not After

22/04/2016, 16:14

Subject

CN=NSA.GOV,OU=USA Intelligence,O=NSA,L=Adidul,ST=Kurtkhla,C=af,1.2.840.113549.1.9.1=#0c0b636d64406e73612e676f76

03:b0:2a:79:02:4e:db:f7:ad:2f:9c:73:13:e2:26:45:66:3e:c5:07
Signer

Actual PE Digest

03:b0:2a:79:02:4e:db:f7:ad:2f:9c:73:13:e2:26:45:66:3e:c5:07

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=NSA.GOV,OU=USA Intelligence,O=NSA,L=Adidul,ST=Kurtkhla,C=af,1.2.840.113549.1.9.1=#0c0b636d64406e73612e676f76

24/11/2022, 14:54
Valid: false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 342KB - Virtual size: 341KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 212KB - Virtual size: 211KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy