8b56ed70346ecf4107e38216a3d35281cc2306dbb1f0931f1cffb25f4b8d844d | Triage

Submit
Reports

Overview

overview

Static

static

8b56ed7034...4d.exe

windows7-x64

8b56ed7034...4d.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

8b56ed70346ecf4107e38216a3d35281cc2306dbb1f0931f1cffb25f4b8d844d.exe

Resource

win7-20221111-en

evasion persistence trojan

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

8b56ed70346ecf4107e38216a3d35281cc2306dbb1f0931f1cffb25f4b8d844d.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

8b56ed70346ecf4107e38216a3d35281cc2306dbb1f0931f1cffb25f4b8d844d
Size

491KB
MD5

a03efd709fe052cea4f4f021530e53fc
SHA1

d347a0666a9aa359759edf4b3f57cca09bfb299f
SHA256

8b56ed70346ecf4107e38216a3d35281cc2306dbb1f0931f1cffb25f4b8d844d
SHA512

30bb82bcab57c82bd19baba271fa08f0b7f36a9f8ad9fbd52af1a2c0a69aabf2374389d19f28e25779f78b0957a0f7d72555922fac7ca33580cdbf64928be95f
SSDEEP

6144:RbhKBgqJMYucH+Sv2UDn+C0jj3+VAurnVv4Ch9s7cae6ZaKSqeABLs1SWcDDDDk:RbhqgqJMaHp27j34GCfs7cafE

Score

N/A

Malware Config

Signatures

Files

8b56ed70346ecf4107e38216a3d35281cc2306dbb1f0931f1cffb25f4b8d844d
.exe windows x86

cb3079ede7a66584d27de0c77bf07ced

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapCreate
IsDebuggerPresent
GetModuleHandleA
CloseHandle
Sleep
GetStartupInfoA
DeviceIoControl
GetDriveTypeA
GetModuleFileNameW
CreateFileMappingW
SetEvent
GetCommandLineA
ReleaseMutex
IsBadStringPtrW
lstrlenA
TlsAlloc
CreateFileA
DeleteFileA
HeapDestroy
CloseHandle

user32

IsZoomed
DispatchMessageA
LoadImageA
GetIconInfo
DrawTextW
CallWindowProcW
DispatchMessageA
GetWindowLongA
PeekMessageA
FindWindowW
DestroyWindow
IsWindow
DestroyMenu

cryptext

CryptExtAddPFX
CryptExtAddPFX
CryptExtAddPFX
CryptExtAddPFX

rasapi32

DwCloneEntry

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 416KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 484KB - Virtual size: 483KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy