8fc2ab8c4220b98e07b74de2e01d2789499033776ae7544a607571bddf25949f | Triage

Submit
Reports

Overview

overview

Static

static

8fc2ab8c42...9f.exe

windows7-x64

8fc2ab8c42...9f.exe

windows10-2004-x64

3

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

8fc2ab8c4220b98e07b74de2e01d2789499033776ae7544a607571bddf25949f.exe

Resource

win7-20220812-en

evasion persistence trojan

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

8fc2ab8c4220b98e07b74de2e01d2789499033776ae7544a607571bddf25949f.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

8fc2ab8c4220b98e07b74de2e01d2789499033776ae7544a607571bddf25949f
Size

371KB
MD5

7c20bfd31f79c18d618a9ecd5e45b056
SHA1

b15e4c5e1a3dac806a0f4be4334599b3ef3d7a2d
SHA256

8fc2ab8c4220b98e07b74de2e01d2789499033776ae7544a607571bddf25949f
SHA512

6e69e2ec9616d5de64808f05ecf726fe938916b6872de917b4d336bbefa0179ed5fb1e696ee6abbcad7110cad59c303aa734f52d0818f525d8ac34f15c71eac9
SSDEEP

6144:n/4DRMBDKP9EoxGcTYNh91DQJ7w6Mcx8MYeWKnEWYzXTz+VNypJOVglH5fDsf1Ku:ngDRMDL9/u5Wcxr8/frTzcNS0G3fDsft

Score

N/A

Malware Config

Signatures

Files

8fc2ab8c4220b98e07b74de2e01d2789499033776ae7544a607571bddf25949f
.exe windows x86

647204edc32b6f45e9d16d39a4a0cbf3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentThreadId
HeapCreate
SuspendThread
ResumeThread
GetEnvironmentVariableW
GetDriveTypeA
GetPrivateProfileStringA
LocalFree
GetNumberFormatA
GetCurrentProcessId
GlobalFlags
FindClose
TlsGetValue
InitializeCriticalSection
LoadLibraryW
CreateEventW
GetConsoleAliasA
FindAtomA
lstrlenW
WriteFile

user32

SetFocus
DispatchMessageA
GetSysColor
GetClassInfoA
GetSysColor
GetClientRect
GetKeyboardType
DrawTextA
DrawStateW
EndDialog
IsWindow
CreateWindowExA
CallWindowProcW

resutils

ClusWorkerStart
ClusWorkerStart
ClusWorkerStart
ClusWorkerStart
ClusWorkerStart

clbcatq

DllGetClassObject

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 488KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 361KB - Virtual size: 361KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy