c06b3cb8f10fde19fe54325125d7ad0ee7199f7b26915e75852f98dac82d0ca6 | Triage

Submit
Reports

Overview

overview

Static

static

c06b3cb8f1...a6.exe

windows7-x64

c06b3cb8f1...a6.exe

windows10-2004-x64

3

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

c06b3cb8f10fde19fe54325125d7ad0ee7199f7b26915e75852f98dac82d0ca6.exe

Resource

win7-20220812-en

evasion persistence trojan

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

c06b3cb8f10fde19fe54325125d7ad0ee7199f7b26915e75852f98dac82d0ca6.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

c06b3cb8f10fde19fe54325125d7ad0ee7199f7b26915e75852f98dac82d0ca6
Size

382KB
MD5

fd5b5f1aac1fe489429bd113f76f02c6
SHA1

120ff0b9a1b5483773c0a3a8531e2d72f2e014a9
SHA256

c06b3cb8f10fde19fe54325125d7ad0ee7199f7b26915e75852f98dac82d0ca6
SHA512

a08ff90901bda98050c547e57b9e46daf6526007ae77d855e27ec90d966b6feea7e4aa668720fa8148f106280058ef084f823d825d3a3bc1fd199e03473a4f19
SSDEEP

6144:QR/SvRM9rPanRgkr/TbWz6b+vzR1vED0sj+SBl4qA4/qylPzgNbwjZUE79rlnMqa:FvRMpCRn/Tq2K7R100E++l4qh/qabGbQ

Score

N/A

Malware Config

Signatures

Files

c06b3cb8f10fde19fe54325125d7ad0ee7199f7b26915e75852f98dac82d0ca6
.exe windows x86

719cfc7bc07fbbfe63691aa1ea73e1c4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InterlockedExchange
GetCurrentThreadId
IsBadStringPtrA
GlobalFree
CloseHandle
GetLocalTime
SetEvent
CreateEventW
GlobalFlags
LocalFree
ResetEvent
WriteFile
GetPrivateProfileIntA
LoadLibraryW
GetEnvironmentVariableW
GetCurrentProcessId
GetDriveTypeA
ReleaseMutex
VirtualAllocEx
lstrlenA

advapi32

ControlService
RegCreateKeyExW
IsTextUnicode
InitializeSid
RegQueryValueW
ClearEventLogW
CreateServiceW
CloseEventLog
RegDeleteValueA
IsValidSid
RegEnumKeyA
RegCloseKey
IsValidSecurityDescriptor
InitializeSid

loghours

DialinHoursDialog
DialinHoursDialog
DialinHoursDialog
DialinHoursDialog
DialinHoursDialog

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 416KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 371KB - Virtual size: 370KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy