bf155a4267b52e4cc4c4c50304e97daa6860b64f9f8aeb6ed3322a0737286517 | Triage

Submit
Reports

Overview

overview

Static

static

bf155a4267...17.exe

windows7-x64

bf155a4267...17.exe

windows10-2004-x64

3

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

bf155a4267b52e4cc4c4c50304e97daa6860b64f9f8aeb6ed3322a0737286517.exe

Resource

win7-20220812-en

evasion persistence trojan

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

bf155a4267b52e4cc4c4c50304e97daa6860b64f9f8aeb6ed3322a0737286517.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

bf155a4267b52e4cc4c4c50304e97daa6860b64f9f8aeb6ed3322a0737286517
Size

372KB
MD5

08a7717b5fa522c810fd31548941c9a4
SHA1

3e5dce3b4759ef82286228646a75a8eb33d491f8
SHA256

bf155a4267b52e4cc4c4c50304e97daa6860b64f9f8aeb6ed3322a0737286517
SHA512

9ab19d178be7207e541aa96c205fac2acbf099a8d2296382b1acee6e0a01becaf8d1d22254a59e33f4eee378d8db7ef8c809878391b417ed7883c579c7c437f9
SSDEEP

6144:Ci1fP+HMjvjVcVAC2FXgEr8fE0ASg3/YQvRNMVlJi41fv4Dw:Ci1OHMvjVkCrSvoZNyl5fwD

Score

N/A

Malware Config

Signatures

Files

bf155a4267b52e4cc4c4c50304e97daa6860b64f9f8aeb6ed3322a0737286517
.exe windows x86

7f5f1ef97db55bb59d9370cb330b091a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLocalTime
GlobalSize
GetComputerNameW
SetEvent
FreeConsole
VirtualAlloc
GlobalFree
GetDriveTypeA
ReleaseMutex
CreateFileW
FindVolumeClose
ExitThread
GetExitCodeProcess
ReadFile
GetModuleHandleW
LocalFree
CloseHandle
lstrlenA
GetPrivateProfileIntW
GetTickCount

user32

GetCursorInfo
DispatchMessageA
EndDialog
GetClassInfoA
GetMenu
CreateWindowExA
SetFocus
DrawStateW
GetSysColor
GetDlgItem
GetKeyState
CallWindowProcA
GetClientRect

clbcatq

ComPlusMigrate
ComPlusMigrate
DllGetClassObject
ComPlusMigrate
ComPlusMigrate

ntshrui

IsPathSharedA

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 424KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 363KB - Virtual size: 362KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy