b27ebd1a677f774a1ba05aad5fb4f2cfa4cdccfe1f68500491c13f3b229e87c2 | Triage

Submit
Reports

Overview

overview

Static

static

b27ebd1a67...c2.exe

windows7-x64

b27ebd1a67...c2.exe

windows10-2004-x64

1

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

b27ebd1a677f774a1ba05aad5fb4f2cfa4cdccfe1f68500491c13f3b229e87c2.exe

Resource

win7-20221111-en

evasion persistence trojan

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

b27ebd1a677f774a1ba05aad5fb4f2cfa4cdccfe1f68500491c13f3b229e87c2.exe

Resource

win10v2004-20220901-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

b27ebd1a677f774a1ba05aad5fb4f2cfa4cdccfe1f68500491c13f3b229e87c2
Size

391KB
MD5

c17aa63e794db240bab8cfaafb609c99
SHA1

9530e43de213f63ce0f11de14c3a4ae3fb59ba47
SHA256

b27ebd1a677f774a1ba05aad5fb4f2cfa4cdccfe1f68500491c13f3b229e87c2
SHA512

0fae84d7cdfc50de3a9a72a6eaf1c08675da6740ad6edd40313ab7035c91176ed8a89614c9f255e4b2144aa96c3567e696afff719187d33d657e5f32536e3970
SSDEEP

12288:2zZwecLK6lcRFXD3Ddw4g50lfkpVURpI:29wecLTIFwQlcVUj

Score

N/A

Malware Config

Signatures

Files

b27ebd1a677f774a1ba05aad5fb4f2cfa4cdccfe1f68500491c13f3b229e87c2
.exe windows x86

e3b737f15157d0ac3d00be53fe092bcd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualProtectEx
TlsGetValue
GetTickCount
lstrlenW
GetModuleFileNameA
WriteConsoleW
CancelIo
GetConsoleTitleW
GetCalendarInfoA
GetModuleHandleA
GetFileSize
CloseHandle
InitializeCriticalSection
CancelIo
GetStartupInfoA
GlobalFree
CreateFileA
Sleep
DeleteFileA
ReadFile
GetCommandLineW
RemoveDirectoryA
LeaveCriticalSection
EnterCriticalSection
CreateDirectoryW

user32

GetWindowLongA
GetClassInfoA
DestroyMenu
wsprintfA
MessageBoxA
IsWindow
IsWindowEnabled
GetSysColor
IsWindowVisible
CreateIcon
GetWindowLongA
DispatchMessageA
PeekMessageA

console

CPlApplet
CPlApplet
CPlApplet
CPlApplet

advapi32

RegCloseKey

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 382KB - Virtual size: 924KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2024

Terms | Privacy