a0b2480d7e16862a0cc7c1796713af890f45a9cbd0e5df65d4c00ae6b51a6538 | Triage

Submit
Reports

Overview

overview

Static

static

a0b2480d7e...38.exe

windows7-x64

a0b2480d7e...38.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

a0b2480d7e16862a0cc7c1796713af890f45a9cbd0e5df65d4c00ae6b51a6538.exe

Resource

win7-20221111-en

evasion persistence trojan

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

a0b2480d7e16862a0cc7c1796713af890f45a9cbd0e5df65d4c00ae6b51a6538.exe

Resource

win10v2004-20221111-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

a0b2480d7e16862a0cc7c1796713af890f45a9cbd0e5df65d4c00ae6b51a6538
Size

374KB
MD5

c4e7a447309d2e55a7566f7d46ff594e
SHA1

182915b8250a7ce555c3ad42876cb3a21f4a4ebc
SHA256

a0b2480d7e16862a0cc7c1796713af890f45a9cbd0e5df65d4c00ae6b51a6538
SHA512

22646797f5bc33a683e31c78941b0cfe43fed3a5e85761c109388e25d21ed06c2c7fc4c63f606a33b833066501f7d4e479de45e89a0ceb25ac77cfb418d5c0c3
SSDEEP

6144:g23RM+MKP9EoxGcTYNh91DQJ7w6Mcx8MYeWKnEWYzXTz+VNypJOVglH5fDsf1KpU:t3RM+KL9/u5Wcxr8/frTzcNS0G3fDsft

Score

N/A

Malware Config

Signatures

Files

a0b2480d7e16862a0cc7c1796713af890f45a9cbd0e5df65d4c00ae6b51a6538
.exe windows x86

a0580a8987ec7b770403cd0608686f19

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindAtomA
GetPrivateProfileStringA
GetCurrentThreadId
LocalFree
lstrlenW
GetDriveTypeW
GetEnvironmentVariableW
InitializeCriticalSection
HeapCreate
SuspendThread
CreateEventW
GetConsoleAliasA
GetNumberFormatA
TlsGetValue
LocalFlags
ResumeThread
FindClose
GetCurrentProcessId
ReadFile
LoadLibraryW

user32

DrawTextA
CallWindowProcW
GetClassInfoA
DrawStateW
DispatchMessageA
GetSysColor
GetKeyboardType
IsWindow
SetFocus
GetClientRect
GetSysColor
CreateWindowExA
EndDialog

srclient

EnableSR
EnableSR
EnableSR
EnableSR
EnableSR

clbcatq

DllGetClassObject

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 484KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 364KB - Virtual size: 364KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy