2d70feffdfeb7bd2e61cdfaef815298e054c37b59d2ad7170b5a29c65f9a2f04 | Triage

Submit
Reports

Overview

overview

Static

static

2d70feffdf...04.exe

windows7-x64

2d70feffdf...04.exe

windows10-2004-x64

3

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

2d70feffdfeb7bd2e61cdfaef815298e054c37b59d2ad7170b5a29c65f9a2f04.exe

Resource

win7-20221111-en

evasion persistence trojan

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

2d70feffdfeb7bd2e61cdfaef815298e054c37b59d2ad7170b5a29c65f9a2f04.exe

Resource

win10v2004-20220901-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

2d70feffdfeb7bd2e61cdfaef815298e054c37b59d2ad7170b5a29c65f9a2f04
Size

413KB
MD5

449d51cfbbca375effd9c4a5c90add20
SHA1

fed6d6e14bd5f4dc8153bf32d74dc854388f1fdf
SHA256

2d70feffdfeb7bd2e61cdfaef815298e054c37b59d2ad7170b5a29c65f9a2f04
SHA512

6e5bd484062d1fe93555b01057c1f073a1dae3d1703cb90eed07d2a02e24c6ab5a9bd54fa3e610f8b8f62ea32edac48154522be627b4ce9bf80fa4adf8cb6d0e
SSDEEP

6144:r+B/QAY5X9vUgno2kJGj5xZg7PPZ4a/NElH1b0BrYIt9z4ti1g9lQKfCT0xyv7UN:r0Y5BUg59yZ7/NEgB0ItZWi1S/K0076

Score

N/A

Malware Config

Signatures

Files

2d70feffdfeb7bd2e61cdfaef815298e054c37b59d2ad7170b5a29c65f9a2f04
.exe windows x86

a0eb52154ff0eec510e1bb69d1bf0197

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetPrivateProfileIntW
Sleep
LoadLibraryExW
OpenMutexA
GetExitCodeProcess
GetPrivateProfileSectionA
GetDiskFreeSpaceA
lstrcmpA
SetFilePointer
InterlockedExchange
lstrcmpiA
GetModuleHandleA
InterlockedIncrement
WaitForMultipleObjects
Sleep
GetDiskFreeSpaceA
HeapCreate
CreateEventA
SetEnvironmentVariableW
CreateDirectoryA
Sleep
GetPrivateProfileIntW
GetFileAttributesA

catsrv

OpenComponentLibraryTS
GetCatalogCRMClerk
DllCanUnloadNow
CreateComponentLibraryTS

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tdata
Size: 406KB - Virtual size: 924KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2024

Terms | Privacy