9459c8cd36179160c7487ed9987e6ccf22ae917a6d6c6de6a7555475de3fe35b | Triage

Submit
Reports

Overview

overview

Static

static

9459c8cd36...5b.exe

windows7-x64

9459c8cd36...5b.exe

windows10-2004-x64

3

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

9459c8cd36179160c7487ed9987e6ccf22ae917a6d6c6de6a7555475de3fe35b.exe

Resource

win7-20220812-en

evasion persistence trojan

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

9459c8cd36179160c7487ed9987e6ccf22ae917a6d6c6de6a7555475de3fe35b.exe

Resource

win10v2004-20221111-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

9459c8cd36179160c7487ed9987e6ccf22ae917a6d6c6de6a7555475de3fe35b
Size

433KB
MD5

6627f88b76778efb77071e59c9162fea
SHA1

79350bae26e03936abdf14f71b097aba83724720
SHA256

9459c8cd36179160c7487ed9987e6ccf22ae917a6d6c6de6a7555475de3fe35b
SHA512

7768654c455177549733a98c799f22fba1750f18c24fcdac787cf01457cc8a1950dcf15e8d979c31e4c6255983fbba86b64dd887e84e9b5754adf00e0dde90c2
SSDEEP

12288:CPVzQ9UiDXfilvWCA7egkwhi/f/LH0F2uF++Htom6b:uyqlvWV9kfPDY2uYwam

Score

N/A

Malware Config

Signatures

Files

9459c8cd36179160c7487ed9987e6ccf22ae917a6d6c6de6a7555475de3fe35b
.exe windows x86

d5793cf93fffe13f87196e92db083760

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindClose
GetCommandLineW
CreateFileA
OpenProcess
SetLastError
CloseHandle
GetFileAttributesA
GetStdHandle
GetTickCount
ExitProcess
VirtualAllocEx
DeleteFileA
GetStartupInfoW
CreateMutexA
GetEnvironmentVariableW
RemoveDirectoryA
ResetEvent
WaitForSingleObject
GetModuleHandleA
HeapSize
SetEvent

user32

DispatchMessageW
PeekMessageA
MessageBoxA
CallWindowProcW
GetSysColor
GetDC
GetDC
FillRect
GetClassInfoA
GetWindowLongA
GetDC
DispatchMessageW
FindWindowW

perfctrs

CloseNbfPerformanceData
CloseNbfPerformanceData
CloseNbfPerformanceData
CloseNbfPerformanceData

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 624KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 427KB - Virtual size: 426KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy