56af0cd10e2cfcdb1a4e2daa543262e1f16473f548817a4c198e16d797a7ecaf | Triage

Submit
Reports

Overview

overview

Static

static

56af0cd10e...af.exe

windows7-x64

56af0cd10e...af.exe

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

56af0cd10e2cfcdb1a4e2daa543262e1f16473f548817a4c198e16d797a7ecaf.exe

Resource

win7-20220812-en

evasion persistence trojan

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

56af0cd10e2cfcdb1a4e2daa543262e1f16473f548817a4c198e16d797a7ecaf.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

56af0cd10e2cfcdb1a4e2daa543262e1f16473f548817a4c198e16d797a7ecaf
Size

453KB
MD5

35be1c430f646bebe9c4815c0b60c519
SHA1

25976ec8299aeb17d161ec9c2ff2ee5782425600
SHA256

56af0cd10e2cfcdb1a4e2daa543262e1f16473f548817a4c198e16d797a7ecaf
SHA512

1166091702915bdf9f88bf0549d1ce0dc00df11e438db4a24ada63817a9790fa2cea80b6866fd79b6c5bdc2ccd7f6bc1e8fcfe89671dde32e9664c4e9d068657
SSDEEP

12288:XEZD4b55K7gvvr4sE7l3XWEZLorcjks/3fl5JF67cOn7qp:XN5w3zZ8rcksPf67cuq

Score

N/A

Malware Config

Signatures

Files

56af0cd10e2cfcdb1a4e2daa543262e1f16473f548817a4c198e16d797a7ecaf
.exe windows x86

00cbdf3e379f45b3269e76064045ccf5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MapViewOfFile
ReadFile
SuspendThread
GetFileType
HeapFree
GetCurrentDirectoryW
GetCommandLineW
EnterCriticalSection
GlobalSize
SetFileAttributesW
Sleep
SetLastError
SetLastError
CloseHandle
GetModuleHandleA
WaitForSingleObject
GetDriveTypeA
IsBadReadPtr
GetCommandLineA
HeapCreate
GlobalLock
GetFileAttributesA
GetFileTime
ExitThread
GetEnvironmentVariableW

uxtheme

GetWindowTheme
GetThemeTextExtent
GetThemeEnumValue
DrawThemeEdge
GetThemeColor
SetWindowTheme
CloseThemeData
DrawThemeBackground
GetThemeTextMetrics
CloseThemeData
IsThemeActive
GetThemeBool
OpenThemeData

deskmon

DllCanUnloadNow
DllCanUnloadNow
DllCanUnloadNow
DllCanUnloadNow

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 600KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 445KB - Virtual size: 445KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy