f34dc9ac437505469edb48b5c25ff3c8694105f3ccfaa6179be46ef25f337ec6 | Triage

Submit
Reports

Overview

overview

Static

static

f34dc9ac43...c6.exe

windows7-x64

f34dc9ac43...c6.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

f34dc9ac437505469edb48b5c25ff3c8694105f3ccfaa6179be46ef25f337ec6.exe

Resource

win7-20221111-en

evasion persistence trojan

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

f34dc9ac437505469edb48b5c25ff3c8694105f3ccfaa6179be46ef25f337ec6.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

f34dc9ac437505469edb48b5c25ff3c8694105f3ccfaa6179be46ef25f337ec6
Size

492KB
MD5

457bd7529fe71b8504e567ffb44767f4
SHA1

9c51a6fc72ecfb5bd5ab9c8cc54f4160bd8c6095
SHA256

f34dc9ac437505469edb48b5c25ff3c8694105f3ccfaa6179be46ef25f337ec6
SHA512

48d7fdf4e6b48f2bfb79b5ad5e5adf79370ed056ca4bd3294ba26d630aaeb577ec7dc904a813dd3146eaa5afc2583a299ad8f5dd4bd8a1fb75a47a9184a87134
SSDEEP

6144:E6pWra4hib4j8jf51Qx7O6bcLehsEwkoK/6ERdFQJdlMu6lb/01apjbV6m8lL:Xx4ojf51aTcK0NEQUd0op3QlL

Score

N/A

Malware Config

Signatures

Files

f34dc9ac437505469edb48b5c25ff3c8694105f3ccfaa6179be46ef25f337ec6
.exe windows x86

8d3ec6dfa37e84307e61d3527c8edd37

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
SetEvent
GetCurrentProcessId
GetCurrentThreadId
FindAtomW
LocalFree
FindClose
SetLastError
GetConsoleAliasW
GetPrivateProfileStringW
EnterCriticalSection
SuspendThread
CreateMailslotA
EnumCalendarInfoW
GetDriveTypeW
GetFileAttributesA
ReadFile
HeapCreate
GetModuleFileNameA
GlobalFree

user32

SetFocus
DispatchMessageA
GetKeyState
GetSysColor
IsWindow
GetClientRect
GetMenuInfo
CallWindowProcW
DispatchMessageA
GetKeyboardType
GetCursorInfo
DrawTextW
GetClassInfoA

avicap32

videoThunk32
videoThunk32
videoThunk32
videoThunk32
videoThunk32

desk.cpl

DeskSetCurrentScheme

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 368KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 482KB - Virtual size: 482KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy