96102eea901a3d111d709e3be88be003b1d2e9dfe4f53b36eddc491edff4d5cc | Triage

Submit
Reports

Overview

overview

Static

static

96102eea90...cc.exe

windows7-x64

96102eea90...cc.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

96102eea901a3d111d709e3be88be003b1d2e9dfe4f53b36eddc491edff4d5cc.exe

Resource

win7-20221111-en

evasion persistence trojan

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

96102eea901a3d111d709e3be88be003b1d2e9dfe4f53b36eddc491edff4d5cc.exe

Resource

win10v2004-20220901-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

96102eea901a3d111d709e3be88be003b1d2e9dfe4f53b36eddc491edff4d5cc
Size

371KB
MD5

80c47592e3d16c162d2b299ff1c3970d
SHA1

3990a109da34c1b4f8f729f413f916f1d11cdd55
SHA256

96102eea901a3d111d709e3be88be003b1d2e9dfe4f53b36eddc491edff4d5cc
SHA512

a18bb1793ef22c50dce60d382cd7e213cf67fc186a92b3b81887c61c430e25db3611e336489abf48146b20c6d1001dbbd6fd2448d313965bcfc4092a1db978bc
SSDEEP

6144:/SjHoERMrKP9EoxGcTYNh91DQJ7w6Mcx8MYeWKnEWYzXTz+VNypJOVglH5fDsf1D:qj7RM1L9/u5Wcxr8/frTzcNS0G3fDsft

Score

N/A

Malware Config

Signatures

Files

96102eea901a3d111d709e3be88be003b1d2e9dfe4f53b36eddc491edff4d5cc
.exe windows x86

51c56210e08f2f5b1948d4ffee262db0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SuspendThread
GetNumberFormatA
ResumeThread
WriteFile
FindAtomA
GetPrivateProfileStringA
GetEnvironmentVariableW
LoadLibraryW
GlobalFlags
GetDriveTypeA
FindClose
InitializeCriticalSection
lstrlenW
HeapCreate
GetConsoleAliasA
CreateEventW
GetCurrentProcessId
GetCurrentThreadId
TlsGetValue
LocalFree

user32

CallWindowProcW
GetClassInfoA
IsWindow
GetKeyboardType
SetFocus
CreateWindowExA
EndDialog
DrawTextA
GetClientRect
DrawStateW
GetSysColor
DispatchMessageA
GetSysColor

resutils

ClusWorkerStart
ClusWorkerStart
ClusWorkerStart
ClusWorkerStart
ClusWorkerStart

clbcatq

DllGetClassObject

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 488KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 361KB - Virtual size: 361KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy