09d663fa14827edf0e95d77c5e2563754954d3b1c55aee913cd2b376beb28c30 | Triage

Submit
Reports

Overview

overview

Static

static

09d663fa14...30.exe

windows7-x64

09d663fa14...30.exe

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

09d663fa14827edf0e95d77c5e2563754954d3b1c55aee913cd2b376beb28c30.exe

Resource

win7-20220812-en

evasion persistence trojan

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

09d663fa14827edf0e95d77c5e2563754954d3b1c55aee913cd2b376beb28c30.exe

Resource

win10v2004-20221111-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

09d663fa14827edf0e95d77c5e2563754954d3b1c55aee913cd2b376beb28c30
Size

370KB
MD5

9235de57707820bf589b374097c83d1b
SHA1

1e6c6c8d24ee514d6e2e7fb9e94b7cf6b9a101d4
SHA256

09d663fa14827edf0e95d77c5e2563754954d3b1c55aee913cd2b376beb28c30
SHA512

6143f960a6a249406fb6328a3886c3120318b679eaa9df55e63ee50ef6f906f0e9d83d7830534e3c52fbfb17f8b44e6558154476c1c24ece89141df8bced1bfd
SSDEEP

6144:F8RMbt0HEAT1fxhcMxW2pL7lv6w2K/PkFtR6sFHYnHFWhTyHVEOSQTQiJY7jM56g:mRMmHEAJLjpFv6w2K/PkFtlVMHFWg1E5

Score

N/A

Malware Config

Signatures

Files

09d663fa14827edf0e95d77c5e2563754954d3b1c55aee913cd2b376beb28c30
.exe windows x86

31f579bb8aa0dc574fab8f4aa02dcbee

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateEventW
TlsGetValue
WriteFile
lstrlenW
GetPrivateProfileStringA
IsBadStringPtrW
GetCurrentProcessId
ReleaseMutex
LoadLibraryW
FindClose
GetCurrentThreadId
LocalFree
GetFileTime
GlobalFlags
GetDriveTypeA
HeapCreate
ReleaseMutex
InitializeCriticalSection
GetEnvironmentVariableW
FindAtomA

user32

GetClientRect
GetClassInfoA
IsWindow
GetSysColor
CallWindowProcW
GetSysColor
GetKeyboardType
DrawTextA
DrawStateW
DispatchMessageA
EndDialog
CreateWindowExA
SetFocus

rastapi

DeviceDone
DeviceDone
DeviceDone
DeviceDone
DeviceDone

cryptui

LocalEnroll

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 424KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 360KB - Virtual size: 360KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy