cb984fe3a6da88d1760d9fd667be7360c36ef3c8a6ae50dc82866eb883073f8b | Triage

Submit
Reports

Overview

overview

Static

static

cb984fe3a6...8b.exe

windows7-x64

cb984fe3a6...8b.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

cb984fe3a6da88d1760d9fd667be7360c36ef3c8a6ae50dc82866eb883073f8b.exe

Resource

win7-20221111-en

evasion persistence trojan

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

cb984fe3a6da88d1760d9fd667be7360c36ef3c8a6ae50dc82866eb883073f8b.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

cb984fe3a6da88d1760d9fd667be7360c36ef3c8a6ae50dc82866eb883073f8b
Size

382KB
MD5

71b8a53162722e37e593ee1de32fcf62
SHA1

fac61f9565f49408b7b11cd954e0ef7dd6a5a0e8
SHA256

cb984fe3a6da88d1760d9fd667be7360c36ef3c8a6ae50dc82866eb883073f8b
SHA512

aed0de08696e93b2871948508ba80816e7e9d3625883da63b48a3a646ed7e5e5db609b9cac847658e46a74e15c37dee2da51c25897128fffbeac31a4b0d3a59a
SSDEEP

6144:GEVwRMIht9NmwZPJCJi2oU0zBIDoGbNjEg9XHD73g3+Gq/nTngb0L1DdE:wRMIr9N/RJHUlzNQAXXg3RggAjE

Score

N/A

Malware Config

Signatures

Files

cb984fe3a6da88d1760d9fd667be7360c36ef3c8a6ae50dc82866eb883073f8b
.exe windows x86

bbc15c31bfcf9843cd0cdd97c8da6700

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteFile
LocalFree
GetCurrentThreadId
GlobalFlags
GetCurrentProcessId
GetEnvironmentVariableW
ResetEvent
ReleaseMutex
InitializeCriticalSection
GetLocalTime
LoadLibraryW
IsBadStringPtrA
GlobalFree
CloseHandle
SetEvent
HeapCreate
GetPrivateProfileStringA
CreateEventW
GetDriveTypeA
lstrlenW

user32

IsWindow
DispatchMessageA
GetSysColor
CallWindowProcW
DrawStateW
EndDialog
GetClientRect
GetClassInfoA
GetCursorInfo
GetKeyboardType
SetFocus
GetSysColor
CreateWindowExA

msident

DllCanUnloadNow
DllCanUnloadNow
DllCanUnloadNow
DllCanUnloadNow
DllCanUnloadNow

advapi32

InitializeSid

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 416KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 371KB - Virtual size: 370KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy