b885d22257d97a8be106930c45bdd42c813e84cf2d938de58be5f91db78a7ef8 | Triage

Submit
Reports

Overview

overview

Static

static

b885d22257...f8.exe

windows7-x64

b885d22257...f8.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

b885d22257d97a8be106930c45bdd42c813e84cf2d938de58be5f91db78a7ef8.exe

Resource

win7-20221111-en

evasion persistence trojan

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

b885d22257d97a8be106930c45bdd42c813e84cf2d938de58be5f91db78a7ef8.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

b885d22257d97a8be106930c45bdd42c813e84cf2d938de58be5f91db78a7ef8
Size

511KB
MD5

97dd8f39b9e8c18bdf13c3884e3515f0
SHA1

79612aabaeed8f91dbc9fb748e2d05655da209fb
SHA256

b885d22257d97a8be106930c45bdd42c813e84cf2d938de58be5f91db78a7ef8
SHA512

f7d199faf5107308d6ac72caba323dcf42b605a7320038712877d843bdac8a7eebc82912c3679e12ad82ee149d98e1ca102b52fe4e250e839f6bea77ca6b72f9
SSDEEP

12288:zrRjNhs4zMF3VRKoHTwyFZiafXPGGdPF5exs:XZVMFLrTwyySXPG/s

Score

N/A

Malware Config

Signatures

Files

b885d22257d97a8be106930c45bdd42c813e84cf2d938de58be5f91db78a7ef8
.exe windows x86

f44c964982b77dd6b29f6b51478cc71d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetEvent
HeapDestroy
GetConsoleAliasA
CloseHandle
CloseHandle
CreateFileW
IsDebuggerPresent
ReleaseMutex
HeapCreate
GetStartupInfoA
DeleteFileA
DeviceIoControl
CreateFileMappingW
GetDriveTypeA
lstrlenA
TlsAlloc
GetModuleFileNameW
GetCommandLineA
GetModuleHandleA
Sleep

user32

DispatchMessageA
DrawTextW
DispatchMessageA
LoadImageA
FindWindowW
GetWindowLongA
IsWindow
CallWindowProcW
GetIconInfo
IsZoomed
PeekMessageA
DestroyWindow
DestroyMenu

cryptext

CryptExtAddPFX
CryptExtAddPFX
CryptExtAddPFX
CryptExtAddPFX

rasapi32

DwCloneEntry

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 412KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 503KB - Virtual size: 503KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy