5247e981ea8a517719901c9e6813ca097642a77b3a7a1559f00972b04052fe04 | Triage

Submit
Reports

Overview

overview

Static

static

5247e981ea...04.exe

windows7-x64

5247e981ea...04.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

5247e981ea8a517719901c9e6813ca097642a77b3a7a1559f00972b04052fe04.exe

Resource

win7-20220812-en

evasion persistence trojan

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

5247e981ea8a517719901c9e6813ca097642a77b3a7a1559f00972b04052fe04.exe

Resource

win10v2004-20220901-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

5247e981ea8a517719901c9e6813ca097642a77b3a7a1559f00972b04052fe04
Size

382KB
MD5

8fb6188519f83427f9605cd11345ce5b
SHA1

e8433cef0073f63fbcebd885d7f6081ea2c310be
SHA256

5247e981ea8a517719901c9e6813ca097642a77b3a7a1559f00972b04052fe04
SHA512

65a72188767024d9d09ae6397e4389034598302f1bb82c76337373833995a735d5f649958414df4452ae055416281fe527f3fb7eaf7ec94b38aeef51e7c08d7c
SSDEEP

6144:/QyyLRMAB6y4+AGeJKiIdDjky49jypOAEWZqnKET5EIyLjRKg1gXVJiObl:vwRM6pAGliLy8hAEWZ+7TSHRKSgFBl

Score

N/A

Malware Config

Signatures

Files

5247e981ea8a517719901c9e6813ca097642a77b3a7a1559f00972b04052fe04
.exe windows x86

45b306a7aace2f31f409e0529d0995d0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LocalFree
GetCommandLineW
GlobalFree
InterlockedExchange
GetStdHandle
GetEnvironmentVariableA
LoadLibraryW
lstrlenA
GetSystemInfo
LocalSize
CloseHandle
GetPrivateProfileIntA
ResetEvent
FreeConsole
CreateEventW
VirtualAllocEx
CreateMutexW
ReleaseMutex
SuspendThread
WriteFile

advapi32

RegCloseKey
RegCreateKeyExW
IsValidSecurityDescriptor
IsValidSid
IsTextUnicode
ClearEventLogW
RegDeleteValueA
CloseEventLog
InitializeSid
RegEnumKeyA
ControlService
RegQueryValueW
CreateServiceW
InitializeSid

fwcfg

InitHelperDll
InitHelperDll
InitHelperDll
InitHelperDll
InitHelperDll

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 416KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 370KB - Virtual size: 370KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy