9194bc802b993ecd03569566c590aa744d54d646177ce9d277c2fba817411014 | Triage

Submit
Reports

Overview

overview

Static

static

9194bc802b...14.exe

windows7-x64

9194bc802b...14.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

9194bc802b993ecd03569566c590aa744d54d646177ce9d277c2fba817411014.exe

Resource

win7-20220812-en

evasion persistence trojan

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

9194bc802b993ecd03569566c590aa744d54d646177ce9d277c2fba817411014.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

9194bc802b993ecd03569566c590aa744d54d646177ce9d277c2fba817411014
Size

511KB
MD5

4443a41a2a1b664d4e1a49977044a354
SHA1

c00752d4c5ce1c6e23feea08e3157fa8181dc220
SHA256

9194bc802b993ecd03569566c590aa744d54d646177ce9d277c2fba817411014
SHA512

b726638312674cf2a69858a3b7139994be70a1bf6fdc89c2c9de41efe9c8df425d35233106f376696ee830c197a85c64325af18cfbb272e71c93bf8c4e3b497c
SSDEEP

12288:eDRjNhs4zMF3VRKoHTwyFZiafXPGGdPF5exs:eDZVMFLrTwyySXPG/s

Score

N/A

Malware Config

Signatures

Files

9194bc802b993ecd03569566c590aa744d54d646177ce9d277c2fba817411014
.exe windows x86

deaa38026faf64a1b2b50d32cada8058

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileA
IsDebuggerPresent
GetCommandLineA
CloseHandle
CloseHandle
IsBadStringPtrW
HeapCreate
GetModuleFileNameW
GetDriveTypeA
GetStartupInfoA
DeviceIoControl
HeapDestroy
SetEvent
Sleep
GetModuleHandleA
DeleteFileA
CreateFileMappingW
lstrlenA
ReleaseMutex
TlsAlloc

user32

FindWindowW
DrawTextW
DispatchMessageA
PeekMessageA
DestroyWindow
DestroyMenu
LoadImageA
IsZoomed
CallWindowProcW
DispatchMessageA
GetIconInfo
IsWindow
GetWindowLongA

cryptext

CryptExtAddPFX
CryptExtAddPFX
CryptExtAddPFX
CryptExtAddPFX

rasapi32

DwCloneEntry

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 412KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 503KB - Virtual size: 503KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy