92cfa3aa7d35af320c4a3d0b6e17dd7f31389f6c1fd2e39bd38fdd43bcccb9f1 | Triage

Submit
Reports

Overview

overview

Static

static

92cfa3aa7d...f1.exe

windows7-x64

92cfa3aa7d...f1.exe

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

92cfa3aa7d35af320c4a3d0b6e17dd7f31389f6c1fd2e39bd38fdd43bcccb9f1.exe

Resource

win7-20221111-en

evasion persistence trojan

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

92cfa3aa7d35af320c4a3d0b6e17dd7f31389f6c1fd2e39bd38fdd43bcccb9f1.exe

Resource

win10v2004-20221111-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

92cfa3aa7d35af320c4a3d0b6e17dd7f31389f6c1fd2e39bd38fdd43bcccb9f1
Size

435KB
MD5

b09ea7fa81f8e05df12db90b4e94e747
SHA1

9632d5009f837e8f9dceb501d9b5d7406219eaf5
SHA256

92cfa3aa7d35af320c4a3d0b6e17dd7f31389f6c1fd2e39bd38fdd43bcccb9f1
SHA512

f86cc18aa246f27e4a31b3f7318a0573a890b6db2846e82170e5b971ea1a47e0e5558167520ed1d835b226f513a99faefadab7e9f078c084f7323103db8066f5
SSDEEP

6144:TpWyyeFGhaDMPg3LBV3ktoScBtkwqwP3sRfoGOuEQYkWnUHRFUEZugqoLVuHkDOB:AyyegLI31V0tohCyPcR9Wkj/UE/VumT

Score

N/A

Malware Config

Signatures

Files

92cfa3aa7d35af320c4a3d0b6e17dd7f31389f6c1fd2e39bd38fdd43bcccb9f1
.exe windows x86

101b98eeca9e38dc7d40c5170f7f044f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateMutexW
WaitForSingleObject
GetFileSize
HeapSize
GetCurrentDirectoryA
InitializeCriticalSection
ExitProcess
SetEndOfFile
GetTickCount
HeapCreate
CloseHandle
SuspendThread
DeleteFileA
FindClose
ReleaseMutex
CreateFileA
HeapDestroy
ResetEvent
GetStartupInfoW
AddAtomA
SetLastError
GetProfileIntW
GetModuleHandleA
GetEnvironmentVariableA
GetTickCount

shell32

DuplicateIcon
SHGetSettings
ShellAboutA
DragFinish
ShellMessageBoxA
ExtractIconA
DllUnregisterServer
DragQueryFileA
DragAcceptFiles
SHGetDiskFreeSpaceA
SHGetMalloc
StrChrA
SHFree

dpmodemx

SPInit
SPInit
SPInit
SPInit

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 620KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 428KB - Virtual size: 428KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy