932f4ae27dc7d15170214fc5607592cff7ceda34dfee5612aeeeb953b8d21744 | Triage

Submit
Reports

Overview

overview

Static

static

932f4ae27d...44.exe

windows7-x64

932f4ae27d...44.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

932f4ae27dc7d15170214fc5607592cff7ceda34dfee5612aeeeb953b8d21744.exe

Resource

win7-20220812-en

evasion persistence trojan

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

932f4ae27dc7d15170214fc5607592cff7ceda34dfee5612aeeeb953b8d21744.exe

Resource

win10v2004-20221111-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

932f4ae27dc7d15170214fc5607592cff7ceda34dfee5612aeeeb953b8d21744
Size

382KB
MD5

ed81b444e48c1ddf5d7ac5a579b54e1f
SHA1

857e17d432b56eb3d760c162fb2c44e83170b1e9
SHA256

932f4ae27dc7d15170214fc5607592cff7ceda34dfee5612aeeeb953b8d21744
SHA512

221e16632c20cdb8cfcacca2cefb894ae89b7ed504c2bf7726557ce4725f7af29e776124210cfdc161f731cb95dffb3602b7a5e559c2d7b8394037a51a748deb
SSDEEP

6144:ZOHRMSG5rPanRgkr/TbWz6b+vzR1vED0sj+SBl4qA4/qylPzgNbwjZUE79rlnMqa:iRM/tCRn/Tq2K7R100E++l4qh/qabGbQ

Score

N/A

Malware Config

Signatures

Files

932f4ae27dc7d15170214fc5607592cff7ceda34dfee5612aeeeb953b8d21744
.exe windows x86

0cacabf9dd485f69da9cd4907f38f87f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InterlockedExchange
WriteFile
ResetEvent
GlobalFree
VirtualAllocEx
LoadLibraryW
LocalFree
SetEvent
GetCurrentProcessId
GetCurrentThreadId
GetLocalTime
CloseHandle
GetPrivateProfileIntA
IsBadStringPtrA
GetEnvironmentVariableW
CreateEventW
ReleaseMutex
GetDriveTypeA
lstrlenA
GlobalFlags

advapi32

CloseEventLog
CreateServiceW
RegCreateKeyExW
ClearEventLogW
IsTextUnicode
IsValidSecurityDescriptor
InitializeSid
RegEnumKeyA
RegDeleteValueA
ControlService
IsValidSid
RegQueryValueW
RegCloseKey
InitializeSid

loghours

DialinHoursDialog
DialinHoursDialog
DialinHoursDialog
DialinHoursDialog
DialinHoursDialog

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 416KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 371KB - Virtual size: 370KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy