a699562efbfbc0376bf30eb1a2e26ed4131d1a736b8b0f5ee963289427093725 | Triage

Submit
Reports

Overview

overview

Static

static

a699562efb...25.exe

windows7-x64

a699562efb...25.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

a699562efbfbc0376bf30eb1a2e26ed4131d1a736b8b0f5ee963289427093725.exe

Resource

win7-20220901-en

evasion persistence trojan

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

a699562efbfbc0376bf30eb1a2e26ed4131d1a736b8b0f5ee963289427093725.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

a699562efbfbc0376bf30eb1a2e26ed4131d1a736b8b0f5ee963289427093725
Size

499KB
MD5

5385430936d993ea924fd8affec33d6b
SHA1

6f490abf061bfc1046eaa1a7c36b28d01d266aa8
SHA256

a699562efbfbc0376bf30eb1a2e26ed4131d1a736b8b0f5ee963289427093725
SHA512

490ef5cfe5a987132a4ebb3dc6dba691d0e2d334aea17d2a52f09a0ee3888d9dfa6be9a8c6b83747b538418b0e895a176478d0dc6f8c7c7017116b49ff039137
SSDEEP

6144:QX4/+A65HJx5s9XJI/5FA0OZUFgkcjNE/sLZ4P+gufZd5Yw7rc9:I4x66XJIRFA7UfcjNUYZk+Tv7

Score

N/A

Malware Config

Signatures

Files

a699562efbfbc0376bf30eb1a2e26ed4131d1a736b8b0f5ee963289427093725
.exe windows x86

6467119520f5041b715d8b6bd7a9193f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrlenA
HeapCreate
ResetEvent
CancelIo
TlsAlloc
CreateFileA
IsBadStringPtrA
GetModuleHandleA
CreateFileMappingA
GetStartupInfoA
GetStdHandle
TlsGetValue
GetCommandLineW
SetEvent
HeapDestroy
GetModuleFileNameA
GetEnvironmentVariableA
GetACP
ReleaseMutex
ResumeThread

advapi32

RegQueryValueW
RegDeleteValueA
IsValidAcl
IsValidSecurityDescriptor
IsValidSid
IsTextUnicode
CreateServiceW
CreateProcessAsUserA
RegCreateKeyExW
ControlService
RegEnumKeyA
InitializeSid
ClearEventLogW

unimdmat

UmCloseModem
UmCloseModem
UmCloseModem
UmCloseModem

timedate.cpl

CPlApplet

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 408KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 491KB - Virtual size: 490KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy