e29fb7788fc78c55586c6c51cff32dc4a96f9ae4a8cc7bd3f2efdb20fccac5a8 | Triage

Submit
Reports

Overview

overview

Static

static

e29fb7788f...a8.exe

windows7-x64

e29fb7788f...a8.exe

windows10-2004-x64

3

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

e29fb7788fc78c55586c6c51cff32dc4a96f9ae4a8cc7bd3f2efdb20fccac5a8.exe

Resource

win7-20220901-en

evasion persistence trojan

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

e29fb7788fc78c55586c6c51cff32dc4a96f9ae4a8cc7bd3f2efdb20fccac5a8.exe

Resource

win10v2004-20221111-en

windows10-2004-x64

2 signatures

150 seconds

General

Target

e29fb7788fc78c55586c6c51cff32dc4a96f9ae4a8cc7bd3f2efdb20fccac5a8
Size

392KB
MD5

e8940efa3d8db0ae9afa0e39103cef0f
SHA1

5234aee71933b7374af3f55da8d87aafc6adb1b2
SHA256

e29fb7788fc78c55586c6c51cff32dc4a96f9ae4a8cc7bd3f2efdb20fccac5a8
SHA512

767464f1be641734affa5b2fd0aced80c57b8c99d02a84d612fd74946134e58c97b1d6055ad7bb768352e3928796c6d049fd8bb4f35f3e6a331e9e981278fccc
SSDEEP

12288:Cd5sTH4JGqud/+GyVod/A0RIhKcGicLoh:Cd5SSBGyVITRIhKz1Ly

Score

N/A

Malware Config

Signatures

Files

e29fb7788fc78c55586c6c51cff32dc4a96f9ae4a8cc7bd3f2efdb20fccac5a8
.exe windows x86

5115873ca45a36b6f6044bc1568a72f7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTickCount
LoadLibraryExA
GetComputerNameA
GetCurrentDirectoryA
CreateThread
PulseEvent
Sleep
GetModuleHandleA
SetLastError
LocalFree
SetEvent
HeapCreate
GetSystemTime
LocalUnlock
CloseHandle
GetCommandLineW
lstrlenA
CreateProcessA
CreateFileA
UnmapViewOfFile

user32

IsWindow
GetDC
SetFocus
CheckRadioButton
GetDlgItem
GetScrollBarInfo
GetKeyState
DispatchMessageA
FillRect
DrawEdge
DrawMenuBar
CallWindowProcA
CreateWindowExA

clbcatq

DllGetClassObject
CheckMemoryGates
SetupOpen
ComPlusMigrate
SetSetupSave

inetcpl.cpl

OpenFontsDialog

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 732KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy