d28fb8d46a9651d778066f6b93c3d91fab5cf406221b7480faa1fe515d48da10 | Triage

Submit
Reports

Overview

overview

Static

static

d28fb8d46a...10.exe

windows7-x64

d28fb8d46a...10.exe

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

d28fb8d46a9651d778066f6b93c3d91fab5cf406221b7480faa1fe515d48da10.exe

Resource

win7-20220812-en

evasion persistence trojan

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

d28fb8d46a9651d778066f6b93c3d91fab5cf406221b7480faa1fe515d48da10.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

d28fb8d46a9651d778066f6b93c3d91fab5cf406221b7480faa1fe515d48da10
Size

394KB
MD5

a8764b049f0ec06c259a45c50fbc4254
SHA1

8ff82c60312402cc6692ecc39f28a7edf2e59fae
SHA256

d28fb8d46a9651d778066f6b93c3d91fab5cf406221b7480faa1fe515d48da10
SHA512

8c800662f272cafbca8070e2d5cedf7a7bd4ee08631a56fbd01f84e560b2bfc86dca4c84725a3f053275c4bfd8eb6119e8a0f10225e0706fd0fdf5e9e422a2aa
SSDEEP

6144:M70hTXqiuuLJvr8plpjLg1bQYcEYhyK1jDtWocbZe82wI2/+VwL4Z:MATXhzL8pHgn301jDEnw82wI2/zL4Z

Score

N/A

Malware Config

Signatures

Files

d28fb8d46a9651d778066f6b93c3d91fab5cf406221b7480faa1fe515d48da10
.exe windows x86

08a07ea4db24321917db5c331a4257f0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStdHandle
GetCommandLineW
GetStartupInfoA
ReleaseMutex
GetVersion
HeapSize
OpenEventW
CreateDirectoryW
MapViewOfFile
SetLastError
ReleaseSemaphore
SetLastError
CreateMutexA
HeapDestroy
VirtualProtect
ReleaseSemaphore
CreateFileMappingW
CreateFileA
FatalExit
GetFileSize
RemoveDirectoryW
RemoveDirectoryW
LoadLibraryA
DeleteFileA
lstrlenA

cryptui

DllRegisterServer
WizardFree
CryptUIWizBuildCTL
CryptUIWizDigitalSign
DllUnregisterServer
CryptUIStartCertMgr
CryptUIDlgViewContext
CryptUIDlgFreeCAContext
CryptUIWizExport
CryptUIWizImport
LocalEnrollNoDS
WizardFree
LocalEnroll

iernonce

InitCallback
RunOnceExProcess
RunOnceExProcess
InitCallback

Sections

.text
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 540KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 386KB - Virtual size: 385KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy