64a6d54a322405cecfd3f16f54e26042c28d71acc9fe6dd23a32bdab1da206ab | Triage

Submit
Reports

Overview

overview

Static

static

64a6d54a32...ab.exe

windows7-x64

64a6d54a32...ab.exe

windows10-2004-x64

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

64a6d54a322405cecfd3f16f54e26042c28d71acc9fe6dd23a32bdab1da206ab.exe

Resource

win7-20220901-en

gh0strat persistence rat

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

64a6d54a322405cecfd3f16f54e26042c28d71acc9fe6dd23a32bdab1da206ab.exe

Resource

win10v2004-20221111-en

gh0strat persistence rat

windows10-2004-x64

9 signatures

150 seconds

General

Target

64a6d54a322405cecfd3f16f54e26042c28d71acc9fe6dd23a32bdab1da206ab
Size

106KB
MD5

ebc9a439a73754c1df037bcfea8f95ed
SHA1

7715a0bbe8ce40d1aac77e33e0d7e2bd8499ea88
SHA256

64a6d54a322405cecfd3f16f54e26042c28d71acc9fe6dd23a32bdab1da206ab
SHA512

3b970a650ec1907c8fe946372fa6d8d5c282b1fb1939bf0db101de4a9d3677f941797f48c078ccf6e92945fb44c2df96b7bd94f6a9a9b7afaea62df44edd1c65
SSDEEP

3072:8UZGUGrK7TFalV4+0YJbsQGGoCJvtQ0K:FGPKU70YJYQGIJvtQ

Score

N/A

Malware Config

Signatures

Files

64a6d54a322405cecfd3f16f54e26042c28d71acc9fe6dd23a32bdab1da206ab
.exe windows x86

bbcc84362a9f6c304603bcd69e67a579

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

msvcrt

exit

Exports

Exports

Hai

Sections

.MPRESS1
Size: 82KB - Virtual size: 136KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2024

Terms | Privacy