dc54631da428ceabf6dc885ffd48c91ec8383986b2a678f46dfddd36b4284242 | Triage

Submit
Reports

Overview

overview

Static

static

dc54631da4...42.exe

windows7-x64

dc54631da4...42.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

dc54631da428ceabf6dc885ffd48c91ec8383986b2a678f46dfddd36b4284242.exe

Resource

win7-20221111-en

evasion persistence trojan

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

dc54631da428ceabf6dc885ffd48c91ec8383986b2a678f46dfddd36b4284242.exe

Resource

win10v2004-20220901-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

dc54631da428ceabf6dc885ffd48c91ec8383986b2a678f46dfddd36b4284242
Size

410KB
MD5

27448c5c3fa7834f25f49bd552377f40
SHA1

c163487677a409353d7f254cb806e23b4d69166d
SHA256

dc54631da428ceabf6dc885ffd48c91ec8383986b2a678f46dfddd36b4284242
SHA512

ba85ddd70a1f8d1b740f10c1d2b5d4635df70ca587117dd56ecf7717039f1ab5a144007553fb8ce366256721575073ba9684d0aad596f0d9f9d7e6cbb4c73243
SSDEEP

6144:NjXtkUNy/b5Q0XW7skl3n3azpNHXzFJDKDHLg+UGP38ZySfngFDSg7iyS4HQ1t6R:NE5QKW7ZGpNHXWvxwyingRx7PSV

Score

N/A

Malware Config

Signatures

Files

dc54631da428ceabf6dc885ffd48c91ec8383986b2a678f46dfddd36b4284242
.exe windows x86

c774dbe8deb10c758be2a1c3dfd2979d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineA
GetStartupInfoA
CloseHandle
GetTickCount
Sleep
DeleteFileA
GlobalFlags
SetFilePointer
GlobalSize
HeapCreate
SetEvent
CloseHandle
lstrlenW
GetExitCodeProcess
SetConsoleCP
CreateEventA
GetModuleHandleA
GetTimeFormatA
GetModuleFileNameW
ReleaseMutex

user32

BeginPaint
DrawTextW
SetFocus
GetParent
FillRect
IsWindowVisible
DestroyWindow
LoadImageA
CallWindowProcW
PeekMessageA
DispatchMessageA
GetWindowLongW
DispatchMessageA

loghours

DirSyncScheduleDialog
DirSyncScheduleDialog
DirSyncScheduleDialog
DirSyncScheduleDialog

wininet

FtpCommandW

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 512KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 403KB - Virtual size: 403KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy