a74ffc3c4bb7a4f445c64b1b7b01536b7850537c8c3ecebbb7cbbd31e4b57206 | Triage

Submit
Reports

Overview

overview

Static

static

a74ffc3c4b...06.exe

windows7-x64

a74ffc3c4b...06.exe

windows10-2004-x64

3

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

a74ffc3c4bb7a4f445c64b1b7b01536b7850537c8c3ecebbb7cbbd31e4b57206.exe

Resource

win7-20221111-en

evasion persistence trojan

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

a74ffc3c4bb7a4f445c64b1b7b01536b7850537c8c3ecebbb7cbbd31e4b57206.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

a74ffc3c4bb7a4f445c64b1b7b01536b7850537c8c3ecebbb7cbbd31e4b57206
Size

363KB
MD5

bf7f4892f5ba7a7d90ac1c9f7d2434c9
SHA1

83b7e6508988b4eda6b45e7b7f360c2298bebaa1
SHA256

a74ffc3c4bb7a4f445c64b1b7b01536b7850537c8c3ecebbb7cbbd31e4b57206
SHA512

981ee7e83badea44d2d7bd618c55b809afa06b09823ec06d2cd083c7807b71ce6e003094c562a1a7a98e06149d85a7a446b016b7734a9cbeef974fb7010ddc45
SSDEEP

6144:lZIuRMMha4hib4j8jf51Qx7O6bcLehsEwkoK/6ERdFQJdlMu6lb/01apjbV6m8lL:lZ9RMMQx4ojf51aTcK0NEQUd0op3QlL

Score

N/A

Malware Config

Signatures

Files

a74ffc3c4bb7a4f445c64b1b7b01536b7850537c8c3ecebbb7cbbd31e4b57206
.exe windows x86

0d2556e877d0a96bc829acb65b85f9bf

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ResumeThread
FindAtomW
CreateMailslotA
GetModuleHandleA
GetCurrentThreadId
SetLastError
GetCurrentProcessId
GetFileAttributesA
GetPrivateProfileStringW
LocalFree
GetDriveTypeW
FindClose
SetEvent
ReadFile
GlobalFree
GetConsoleAliasW
GetModuleFileNameA
EnumCalendarInfoW
EnterCriticalSection
HeapCreate

user32

GetClassInfoA
DrawTextW
CallWindowProcW
GetKeyState
GetSysColor
GetMenuInfo
DispatchMessageA
IsWindow
GetClientRect
GetKeyboardType
DispatchMessageA
GetCursorInfo
SetFocus

asycfilt

DllCanUnloadNow
DllCanUnloadNow
DllCanUnloadNow
DllCanUnloadNow
DllCanUnloadNow

msasn1

ASN1BERDecBool

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 496KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 353KB - Virtual size: 352KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy