7f0e22425c5a6dbc9839b68e82083eccde9054df032db19540a6ea41066e66cd | Triage

Submit
Reports

Overview

overview

Static

static

7f0e22425c...cd.exe

windows7-x64

7f0e22425c...cd.exe

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

7f0e22425c5a6dbc9839b68e82083eccde9054df032db19540a6ea41066e66cd.exe

Resource

win7-20220901-en

evasion persistence trojan

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

7f0e22425c5a6dbc9839b68e82083eccde9054df032db19540a6ea41066e66cd.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

7f0e22425c5a6dbc9839b68e82083eccde9054df032db19540a6ea41066e66cd
Size

452KB
MD5

eca68c5c250e3335c98880bf9db6ca49
SHA1

556fdd8e0545be853f91734ce3b81292d7bb9bbf
SHA256

7f0e22425c5a6dbc9839b68e82083eccde9054df032db19540a6ea41066e66cd
SHA512

71281ea05eadbc52ee9bfa23c5e6892fac04dbd3243016ea081444ad054a5e9d06b6de415ff7ab3578b2cc5694b1c974788e0bd9eb13fcda6bc5516566004fdb
SSDEEP

6144:11oooHYsYe6Gwn2SJWYy9x8pn9YANf4utiOAKDIqnQHSavyHsaN3z9y+zxbvG+6h:11OHYsheyD8pn9MMXcqQH+59/LWU

Score

N/A

Malware Config

Signatures

Files

7f0e22425c5a6dbc9839b68e82083eccde9054df032db19540a6ea41066e66cd
.exe windows x86

798430c805dd11078d17eeb1aa5a083c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

OpenEventA
VirtualProtectEx
GetLastError
CreateDirectoryW
RemoveDirectoryA
CreateFileA
CreateFileMappingW
lstrlenA
RemoveDirectoryA
HeapFree
ReleaseMutex
SetStdHandle
Sleep
GetCommandLineA
DeleteFileA
WriteFile
FindClose
WriteConsoleW
GetFileType
FindClose
CancelIo
GetModuleHandleA
CreateMailslotW
CreateEventW
ResetEvent

cryptui

CryptUIWizExport
CryptUIDlgFreeCAContext
LocalEnroll
CryptUIWizBuildCTL
WizardFree
WizardFree
CryptUIWizImport
LocalEnrollNoDS
CryptUIDlgViewContext
CryptUIStartCertMgr
DllUnregisterServer
CryptUIWizDigitalSign
DllRegisterServer

dbnmpntw

ConnectionClose
ConnectionClose
ConnectionClose
ConnectionClose

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 604KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 443KB - Virtual size: 443KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy