a18e1ae14c15c5ee5989349fc679494a3c5ca4a5ef2f29f4b742b3c557169874 | Triage

Submit
Reports

Overview

overview

8

Static

static

a18e1ae14c...74.exe

windows7-x64

8

a18e1ae14c...74.exe

windows10-2004-x64

3

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

a18e1ae14c15c5ee5989349fc679494a3c5ca4a5ef2f29f4b742b3c557169874.exe

Resource

win7-20221111-en

discovery evasion persistence trojan upx

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

a18e1ae14c15c5ee5989349fc679494a3c5ca4a5ef2f29f4b742b3c557169874.exe

Resource

win10v2004-20220901-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

a18e1ae14c15c5ee5989349fc679494a3c5ca4a5ef2f29f4b742b3c557169874
Size

625KB
MD5

375f809172448110e3943ba3fd119bc2
SHA1

89757796b74a2316be19032deb113ea5ef44aacf
SHA256

a18e1ae14c15c5ee5989349fc679494a3c5ca4a5ef2f29f4b742b3c557169874
SHA512

24a9b9f9f41b835c1a25444dd6741715efe1ede1b495a2a4af5c2fe108befe885b92670ec491fc5941ebb81ba18c5f47b4ab82fe58291773c05d0596cc7092ee
SSDEEP

12288:QAUspOipN4Xl9E9AP0K3eeOqlDe3b+S+h64N2IGBfJn/qA:9TgPOK50L+rNCBBnCA

Score

N/A

Malware Config

Signatures

Files

a18e1ae14c15c5ee5989349fc679494a3c5ca4a5ef2f29f4b742b3c557169874
.exe windows x86

63de3ebc2c89b53300bb985d93b459a2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
IsValidLocale
GetModuleHandleA
GetLocalTime
SetComputerNameW
WritePrivateProfileSectionW
GetSystemTime
ScrollConsoleScreenBufferA
GetVersion
FreeLibrary
GetProcAddress
LoadLibraryA
GetHandleInformation
VerLanguageNameA

version

VerFindFileW
VerFindFileA
GetFileVersionInfoW
GetFileVersionInfoSizeA
GetFileVersionInfoA
VerInstallFileA
VerQueryValueW

opengl32

glTexCoord3fv
glMultMatrixf
wglCreateContext
glVertex4iv
wglDeleteContext
glTexCoord2i
glEndList
glMapGrid1f
glClearAccum
wglMakeCurrent

winmm

PlaySoundA
mixerClose
mciSetYieldProc
waveOutGetVolume
midiOutCacheDrumPatches
timeGetTime
midiOutGetErrorTextW
midiInOpen

msvcrt

rename
_locking
sprintf
ftell
fputs
fputc
__doserrno
_mbctombb
ferror
fread
memset
fclose
_endthread
fwprintf
isgraph
fprintf
fsetpos
printf
feof
fopen
_unlink
fwrite
_wchmod
fseek

Sections

.text
Size: 92KB - Virtual size: 91KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 524KB - Virtual size: 523KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2024

Terms | Privacy