ab4b5ac0a55626bc40c07d7edb0e60521d19bc34e6bb2dc639c71375e1822cc5 | Triage

Submit
Reports

Overview

overview

Static

static

ab4b5ac0a5...c5.exe

windows7-x64

ab4b5ac0a5...c5.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

ab4b5ac0a55626bc40c07d7edb0e60521d19bc34e6bb2dc639c71375e1822cc5.exe

Resource

win7-20220901-en

discovery evasion persistence trojan

windows7-x64

15 signatures

150 seconds

Behavioral task

behavioral2

Sample

ab4b5ac0a55626bc40c07d7edb0e60521d19bc34e6bb2dc639c71375e1822cc5.exe

Resource

win10v2004-20220901-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

ab4b5ac0a55626bc40c07d7edb0e60521d19bc34e6bb2dc639c71375e1822cc5
Size

363KB
MD5

1a32cf1d3b2b85f3c085b6688353f49c
SHA1

90baf444d22cc00dd7a9e4771df9ac7cefbf11d4
SHA256

ab4b5ac0a55626bc40c07d7edb0e60521d19bc34e6bb2dc639c71375e1822cc5
SHA512

a12814023988b8a18d76cfac402ea96c014cc4e756995918458d891a77e272824f4287c051298e9e7e6f4c30d7303677c845a96d101817e48057b581a8d46691
SSDEEP

6144:mHY0RMMha4hib4j8jf51Qx7O6bcLehsEwkoK/6ERdFQJdlMu6lb/01apjbV6m8lL:mHY0RMMQx4ojf51aTcK0NEQUd0op3QlL

Score

N/A

Malware Config

Signatures

Files

ab4b5ac0a55626bc40c07d7edb0e60521d19bc34e6bb2dc639c71375e1822cc5
.exe windows x86

110b371a96e3bfad893a8f491614b4d6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EnumCalendarInfoW
GetDriveTypeW
GetCurrentProcessId
SetLastError
GetCurrentThreadId
GetModuleHandleA
GetPrivateProfileStringW
EnterCriticalSection
FindAtomW
CreateMailslotA
GetConsoleAliasW
HeapCreate
GetFileAttributesA
LocalFree
GlobalFree
ReadFile
GetModuleFileNameA
ResumeThread
FindClose
SetEvent

user32

DrawTextW
DispatchMessageA
CallWindowProcW
GetKeyState
GetMenuInfo
IsWindow
DispatchMessageA
GetSysColor
SetFocus
GetClientRect
GetClassInfoA
GetKeyboardType
GetCursorInfo

asycfilt

DllCanUnloadNow
DllCanUnloadNow
DllCanUnloadNow
DllCanUnloadNow
DllCanUnloadNow

msasn1

ASN1BERDecBool

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 496KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 353KB - Virtual size: 352KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy