43d0f0a2ec0ad3f70e3abc171add1bfa3239ff4ea26013013cda4a86243357ec | Triage

Submit
Reports

Overview

overview

Static

static

43d0f0a2ec...ec.exe

windows7-x64

43d0f0a2ec...ec.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

43d0f0a2ec0ad3f70e3abc171add1bfa3239ff4ea26013013cda4a86243357ec.exe

Resource

win7-20220812-en

evasion persistence trojan

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

43d0f0a2ec0ad3f70e3abc171add1bfa3239ff4ea26013013cda4a86243357ec.exe

Resource

win10v2004-20221111-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

43d0f0a2ec0ad3f70e3abc171add1bfa3239ff4ea26013013cda4a86243357ec
Size

382KB
MD5

0ddedf8dbbc956272b0bc366846e8a30
SHA1

cacee01e77ec966f15efef5e7aabd88f5c6e3186
SHA256

43d0f0a2ec0ad3f70e3abc171add1bfa3239ff4ea26013013cda4a86243357ec
SHA512

912f5e8cec5ea6631b7e7d41605b04af5767a7f8c4cbfecb058f19460dd5aa4bbaf933708b1c67372b07821716928ce20c22d62e32a59f7ba86462fe95e6282c
SSDEEP

6144:eiRM0I8mJ+ehSemWfSZSzuhgrE9dYCb8xf4I7GVltNyEe6EofQKKfnGIYt3yKkM5:eiRM0I8mJlmWp6hgricAQG3Xxai5

Score

N/A

Malware Config

Signatures

Files

43d0f0a2ec0ad3f70e3abc171add1bfa3239ff4ea26013013cda4a86243357ec
.exe windows x86

34986bbf98c4d67a3d6d64f97ca5c4d5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateMutexA
GetEnvironmentVariableW
LocalFree
CreateEventA
VirtualAlloc
GetACP
FindVolumeClose
GetPrivateProfileIntW
ResetEvent
WriteFile
GetModuleHandleW
lstrlenA
InterlockedExchange
GetExitCodeProcess
ResumeThread
GlobalFree
GetCommandLineA
CloseHandle
GetStdHandle
GlobalSize

advapi32

RegDeleteValueA
RegQueryValueW
RegCloseKey
RegCreateKeyExW
IsValidSid
CreateServiceA
CloseEventLog
ClearEventLogW
ControlService
IsTextUnicode
IsValidSecurityDescriptor
RegDeleteKeyA
RegEnumKeyW

asycfilt

DllCanUnloadNow
DllCanUnloadNow
DllCanUnloadNow
DllCanUnloadNow
DllCanUnloadNow

hdwwiz.cpl

InstallNewDevice

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 416KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 372KB - Virtual size: 371KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy