c3673f8493c56c3e5a37fe7bcb9148257b6707652118e08c4c20df152d53d81e | Triage

Submit
Reports

Overview

overview

Static

static

c3673f8493...1e.exe

windows7-x64

c3673f8493...1e.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

c3673f8493c56c3e5a37fe7bcb9148257b6707652118e08c4c20df152d53d81e.exe

Resource

win7-20220812-en

evasion persistence trojan

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

c3673f8493c56c3e5a37fe7bcb9148257b6707652118e08c4c20df152d53d81e.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

c3673f8493c56c3e5a37fe7bcb9148257b6707652118e08c4c20df152d53d81e
Size

365KB
MD5

b13972b74d1cacdc306b0a5926499617
SHA1

bd58846f2fab26d28ebc1b3b929470256e062207
SHA256

c3673f8493c56c3e5a37fe7bcb9148257b6707652118e08c4c20df152d53d81e
SHA512

4d0476a9112fac06b823fe31c460c162fe6294ea32f2abc7d1034d7cad17c8164802760c0f6e00bddea1892988c862442a693dc7bb0cf8effdf0c506509dcb8b
SSDEEP

6144:0RwtRMna4hib4j8jf51Qx7O6bcLehsEwkoK/6ERdFQJdlMu6lb/01apjbV6m8lL:0wRMax4ojf51aTcK0NEQUd0op3QlL

Score

N/A

Malware Config

Signatures

Files

c3673f8493c56c3e5a37fe7bcb9148257b6707652118e08c4c20df152d53d81e
.exe windows x86

44a479611d3155df9cbec2765cc7ac0b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcessId
SetLastError
FindAtomW
GetConsoleAliasW
GetDriveTypeW
GetFileAttributesA
SetEvent
ResumeThread
GetPrivateProfileStringW
GetModuleHandleA
FindClose
EnumCalendarInfoW
EnterCriticalSection
GlobalFree
GetModuleFileNameA
HeapCreate
CreateMailslotA
LocalFree
ReadFile
GetCurrentThreadId

user32

DispatchMessageA
GetClientRect
GetSysColor
GetKeyState
DrawTextW
DispatchMessageA
SetFocus
GetMenuInfo
GetClassInfoA
GetCursorInfo
IsWindow
CallWindowProcW
GetKeyboardType

asycfilt

DllCanUnloadNow
DllCanUnloadNow
DllCanUnloadNow
DllCanUnloadNow
DllCanUnloadNow

msasn1

ASN1BERDecBool

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 496KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 355KB - Virtual size: 354KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy