34560248705460040f8f50613502b30d7ac52b7740ed51285e85d1b0d732d49e | Triage

Submit
Reports

Overview

overview

Static

static

3456024870...9e.exe

windows7-x64

3456024870...9e.exe

windows10-2004-x64

3

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

34560248705460040f8f50613502b30d7ac52b7740ed51285e85d1b0d732d49e.exe

Resource

win7-20221111-en

evasion persistence trojan

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

34560248705460040f8f50613502b30d7ac52b7740ed51285e85d1b0d732d49e.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

34560248705460040f8f50613502b30d7ac52b7740ed51285e85d1b0d732d49e
Size

383KB
MD5

5e2fe18fe2659021f5994feed8060b07
SHA1

8b86396184f43a808e5debcf7ac3bdac03900fdb
SHA256

34560248705460040f8f50613502b30d7ac52b7740ed51285e85d1b0d732d49e
SHA512

09e63c1ab739cf568e265648c5469859160b3fce20d028f3c0055828a2382cc46494d1b363452d185b6592f8d924bf1abbe6d86e8210e9af2f5e1aba7a548106
SSDEEP

6144:WDxX2YcY1t3Vkd/lPhO/EEJUrVBs8rloiO8x2zkANscWoqxWZ3jc4OMRDgdjln4W:WDgYcat3Od95O/E1rVXlhhzANscWoqxf

Score

N/A

Malware Config

Signatures

Files

34560248705460040f8f50613502b30d7ac52b7740ed51285e85d1b0d732d49e
.exe windows x86

bf31a496e30b3c18ceb6748906d80b1a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

OpenMutexA
GetTickCount
GlobalFlags
CloseHandle
lstrlenW
Sleep
GetModuleHandleA
SetConsoleCP
DeleteFileA
ReleaseMutex
GetTimeFormatA
CloseHandle
GetCommandLineA
SetFilePointer
GetModuleFileNameW
SuspendThread
GetStartupInfoA
HeapCreate
SetEvent
CreateEventA

advapi32

RegDeleteValueA
IsValidSid
InitializeSid
CreateServiceW
IsValidAcl
ControlService
IsTextUnicode
RegCreateKeyExW
IsValidSecurityDescriptor
RegEnumKeyA
RegQueryValueW
CreateProcessAsUserA
ClearEventLogW

msvcirt

??0Iostream_init@@QAE@XZ
??0Iostream_init@@QAE@XZ
??0Iostream_init@@QAE@XZ
??0Iostream_init@@QAE@XZ

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 536KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 376KB - Virtual size: 376KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy