91d9e31994e947cfc7b388eb58422262e99caf720fb9b5d2bca6f1138634a448 | Triage

Submit
Reports

Overview

overview

Static

static

91d9e31994...48.exe

windows7-x64

91d9e31994...48.exe

windows10-2004-x64

3

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

91d9e31994e947cfc7b388eb58422262e99caf720fb9b5d2bca6f1138634a448.exe

Resource

win7-20220812-en

evasion persistence trojan

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

91d9e31994e947cfc7b388eb58422262e99caf720fb9b5d2bca6f1138634a448.exe

Resource

win10v2004-20221111-en

windows10-2004-x64

2 signatures

150 seconds

General

Target

91d9e31994e947cfc7b388eb58422262e99caf720fb9b5d2bca6f1138634a448
Size

367KB
MD5

1b10a6b9e416a095f031fdab729a984d
SHA1

aeda8e8e3784c7fd066efafe4c2be41f4e9820a3
SHA256

91d9e31994e947cfc7b388eb58422262e99caf720fb9b5d2bca6f1138634a448
SHA512

add121abaf9b6b0b475888769feab7cbc2f7faa14720a43c87203778daaef57fe85d08d862be1e4d05264597bcc993eee5890f11d52043c9830e3c83d0066cc3
SSDEEP

6144:ncvA2RMKbhrVf/DRauRHlwrFYaN5ino7241GtMqzIXPH8CV+mybPzKP3zUeXm9+r:chRMKdrpDneFNzino7IUHybPzQjUeX

Score

N/A

Malware Config

Signatures

Files

91d9e31994e947cfc7b388eb58422262e99caf720fb9b5d2bca6f1138634a448
.exe windows x86

f139117e61754dbc78247776c24c735f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindClose
GetPrivateProfileStringW
GetModuleFileNameA
GetModuleHandleA
GetNumberFormatW
TlsGetValue
FindAtomW
SetEvent
ResumeThread
EnterCriticalSection
EnumCalendarInfoW
GetCurrentThreadId
ReadFile
HeapCreate
GetCurrentProcessId
GetDriveTypeW
lstrlenW
GetConsoleAliasW
LocalFree
SetLastError

user32

DispatchMessageA
GetCursorInfo
GetClientRect
DrawTextW
DispatchMessageA
GetKeyboardType
SetFocus
IsWindow
GetSysColor
CallWindowProcW
GetKeyState
GetMenuInfo
GetClassInfoA

wsnmp32

SnmpGetTimeout
SnmpGetTimeout
SnmpGetTimeout
SnmpGetTimeout
SnmpGetTimeout

msasn1

ASN1BERDecBool

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 492KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 357KB - Virtual size: 356KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy