3457f07e594dd40c8e0bbbd3af1310d1cafa7c63bc58b1fdb66094ee94358a45 | Triage

Submit
Reports

Overview

overview

Static

static

3457f07e59...45.exe

windows7-x64

3457f07e59...45.exe

windows10-2004-x64

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

3457f07e594dd40c8e0bbbd3af1310d1cafa7c63bc58b1fdb66094ee94358a45.exe

Resource

win7-20220901-en

evasion persistence trojan

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

3457f07e594dd40c8e0bbbd3af1310d1cafa7c63bc58b1fdb66094ee94358a45.exe

Resource

win10v2004-20221111-en

windows10-2004-x64

7 signatures

150 seconds

General

Target

3457f07e594dd40c8e0bbbd3af1310d1cafa7c63bc58b1fdb66094ee94358a45
Size

451KB
MD5

bd4046fe087b30c59f736b46a604360f
SHA1

a484253562d6373eef4751d9ac74f7956a3f7760
SHA256

3457f07e594dd40c8e0bbbd3af1310d1cafa7c63bc58b1fdb66094ee94358a45
SHA512

dd451f25a8492d27cd41c53dd99bc5913864d3dfbe501a3de5c1c4368afc96722afaa265de3ff315a2c335accfe5f6713a56a409fa60c6edaab1c1009867a103
SSDEEP

6144:gYQuOyXKA6P196JHZLLDoqPeGn7tJBMOuwgz0wW07MpezITXcntdxa8Wg2rikW:gYQu4A6r61doqPFuwJ0WXctXa80ri

Score

N/A

Malware Config

Signatures

Files

3457f07e594dd40c8e0bbbd3af1310d1cafa7c63bc58b1fdb66094ee94358a45
.exe windows x86

e2fde6e635a98bcd61b4f183f23545c8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitThread
FindClose
GetModuleFileNameA
CloseHandle
CancelIo
SetFileAttributesW
FindVolumeClose
GetCommandLineA
LocalSize
WriteFile
EnterCriticalSection
HeapFree
FindVolumeClose
GetFileTime
GetCurrentDirectoryW
MapViewOfFile
GetModuleHandleA
GetCommandLineW
IsBadReadPtr
lstrlenA
GetDriveTypeA
WaitForMultipleObjects
HeapCreate
GetFileType
GetFileAttributesA

uxtheme

CloseThemeData
GetThemeTextMetrics
GetThemeColor
GetWindowTheme
GetThemeBool
IsThemeActive
OpenThemeData
GetThemeEnumValue
DrawThemeBackground
GetThemeTextExtent
SetWindowTheme
CloseThemeData
DrawThemeEdge

dmocx

DllCanUnloadNow
DllCanUnloadNow
DllCanUnloadNow
DllCanUnloadNow

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 604KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 444KB - Virtual size: 443KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy