dc48c11a22bbdd425e8bbc7c2d2105e60452a230f9c98430f1cd06303939bef4 | Triage

Submit
Reports

Overview

overview

Static

static

dc48c11a22...f4.exe

windows7-x64

dc48c11a22...f4.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

dc48c11a22bbdd425e8bbc7c2d2105e60452a230f9c98430f1cd06303939bef4.exe

Resource

win7-20220812-en

evasion persistence trojan

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

dc48c11a22bbdd425e8bbc7c2d2105e60452a230f9c98430f1cd06303939bef4.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

dc48c11a22bbdd425e8bbc7c2d2105e60452a230f9c98430f1cd06303939bef4
Size

500KB
MD5

a47a1c15e93fa8fb9d450f5064f7af50
SHA1

dfcb716acda8a2f3a73c5fae47615b8acf906d9f
SHA256

dc48c11a22bbdd425e8bbc7c2d2105e60452a230f9c98430f1cd06303939bef4
SHA512

cf558c5531121d2e7ffb4d831a010dbe4b065530c5def99739721aca422da5f56f172f349472fa1b1a0863a67bb33b9614a75d0bf9e2af43d59799a27c4247fd
SSDEEP

12288:eMn7uZyh4Jn8xROZ08X/o/S6Fh1dAslA:eMn6ghmn8xRONkS+Mj

Score

N/A

Malware Config

Signatures

Files

dc48c11a22bbdd425e8bbc7c2d2105e60452a230f9c98430f1cd06303939bef4
.exe windows x86

1f83ce21c6b78f7b9e3552f4799f1fa1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineW
CreateFileMappingA
GetFileAttributesW
TlsAlloc
ReleaseMutex
GetEnvironmentVariableA
lstrlenA
GetStartupInfoA
GetModuleHandleA
SetLastError
TlsGetValue
CreateFileA
GetACP
HeapCreate
IsBadCodePtr
HeapDestroy
GetModuleFileNameA
SetEvent
GetStdHandle
ResetEvent

user32

GetClassInfoA
PeekMessageA
CallWindowProcW
GetWindowLongA
DispatchMessageA
CreateIcon
DrawTextW
FindWindowA
GetSysColor
IsWindow
IsZoomed
DestroyMenu
DispatchMessageA

stclient

DllCanUnloadNow
DllCanUnloadNow
DllCanUnloadNow
DllCanUnloadNow

timedate.cpl

CPlApplet

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 404KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 491KB - Virtual size: 490KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy