4ad80459d54b64fa66100cd1d713ea822212849a6b372a5ed5a7890bd6410a4c | Triage

Submit
Reports

Overview

overview

Static

static

4ad80459d5...4c.exe

windows7-x64

4ad80459d5...4c.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

4ad80459d54b64fa66100cd1d713ea822212849a6b372a5ed5a7890bd6410a4c.exe

Resource

win7-20220812-en

evasion persistence trojan

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

4ad80459d54b64fa66100cd1d713ea822212849a6b372a5ed5a7890bd6410a4c.exe

Resource

win10v2004-20221111-en

windows10-2004-x64

2 signatures

150 seconds

General

Target

4ad80459d54b64fa66100cd1d713ea822212849a6b372a5ed5a7890bd6410a4c
Size

326KB
MD5

7fb13e15a88226e0d96a565deb0968bd
SHA1

9a799c34b8b42f17eaacee106df842da683f6868
SHA256

4ad80459d54b64fa66100cd1d713ea822212849a6b372a5ed5a7890bd6410a4c
SHA512

1c560a62869230829652b84f155aec1ac6b8b668e3450eeb31504c69d79b19d75d8cfea24719e75026194042b7634a94e15e23928bf41d30caaac42e9c6bc938
SSDEEP

6144:mpBgpXncwU6dwCz5nReZU87/iIb2Npr1eA3kzufyZf1Zo1JBd:mHghxWClnLIb2Lh70zC+ZoXBd

Score

N/A

Malware Config

Signatures

Files

4ad80459d54b64fa66100cd1d713ea822212849a6b372a5ed5a7890bd6410a4c
.exe windows x86

19cf3949567b5cb9899b2b56c248387d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTickCount
CloseHandle
FindAtomA
HeapCreate
ResetEvent
CreateFileA
CreateThread
GetModuleHandleA
GetSystemTime
ResumeThread
LoadLibraryA
GetDriveTypeA
LocalFree
lstrlenA
GetCommandLineW
GetFileAttributesA
SetLastError
GetPrivateProfileStructW
GetComputerNameA
GetDiskFreeSpaceA

advapi32

RegCloseKey
GetFileSecurityA
CreateServiceA
RegEnumValueA
FreeSid
RegQueryValueA
IsTokenUntrusted
GetLengthSid
RegDeleteKeyA
CloseEventLog
RegCreateKeyExA
GetUserNameA
RegEnumKeyExA

ntshrui

IsFolderPrivateForUser
GetLocalPathFromNetResourceA
IsPathSharedA
GetNetResourceFromLocalPathA
IsPathSharedW

user32

MessageBoxA

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1KB - Virtual size: 424KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 316KB - Virtual size: 320KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy