3e135fdfd583522c473023f6f6dec118a3c620a7b5562fdbb6dd4767d7b5322a | Triage

Submit
Reports

Overview

overview

Static

static

3e135fdfd5...2a.exe

windows7-x64

3e135fdfd5...2a.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

3e135fdfd583522c473023f6f6dec118a3c620a7b5562fdbb6dd4767d7b5322a.exe

Resource

win7-20220812-en

evasion persistence trojan

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

3e135fdfd583522c473023f6f6dec118a3c620a7b5562fdbb6dd4767d7b5322a.exe

Resource

win10v2004-20220901-en

evasion persistence trojan

windows10-2004-x64

11 signatures

150 seconds

General

Target

3e135fdfd583522c473023f6f6dec118a3c620a7b5562fdbb6dd4767d7b5322a
Size

451KB
MD5

a674a0538e1b0f003f9f46424f0d1099
SHA1

628ad946d02106bfdaad56c1221373132ea2e01d
SHA256

3e135fdfd583522c473023f6f6dec118a3c620a7b5562fdbb6dd4767d7b5322a
SHA512

2e701bb5b376001c8ebf8bce5effdb0a479b3d10b6785ab19e648a71f97377c52b97866b07720414d6e0bca5a90d1961f65760e1c1bf0a3d37ca0364ce738ec0
SSDEEP

12288:wUWWBC8vO0Kr7Y0fLddM+bQ/qFsgvvqBAss:PbQ0y3M+b7bqB

Score

N/A

Malware Config

Signatures

Files

3e135fdfd583522c473023f6f6dec118a3c620a7b5562fdbb6dd4767d7b5322a
.exe windows x86

00992da5f57abecfbaa5a18961721c6a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
HeapCreate
LocalSize
ExitThread
WriteFile
FindVolumeClose
GetCurrentDirectoryW
CreateDirectoryA
GetCommandLineA
GetDriveTypeA
GetFileType
HeapFree
GetFileAttributesA
CancelIo
GetModuleFileNameA
FindVolumeClose
WaitForMultipleObjects
FindClose
lstrlenA
VirtualQuery
CloseHandle
CreateSemaphoreA
IsBadReadPtr
GetTickCount
GetFileTime

uxtheme

GetThemeTextMetrics
DrawThemeBackground
GetThemeBool
DrawThemeEdge
IsThemeActive
GetWindowTheme
CloseThemeData
SetWindowTheme
CloseThemeData
GetThemeTextExtent
GetThemeEnumValue
OpenThemeData
GetThemeColor

fltlib

FilterClose
FilterClose
FilterClose
FilterClose

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 604KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 444KB - Virtual size: 443KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy