ad2a0f655e489907349fcadcfacaeaff31796bac4e5d1a7406506ae6b73f7ceb | Triage

Submit
Reports

Overview

overview

Static

static

ad2a0f655e...eb.exe

windows7-x64

ad2a0f655e...eb.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

ad2a0f655e489907349fcadcfacaeaff31796bac4e5d1a7406506ae6b73f7ceb.exe

Resource

win7-20220812-en

evasion persistence trojan

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

ad2a0f655e489907349fcadcfacaeaff31796bac4e5d1a7406506ae6b73f7ceb.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

ad2a0f655e489907349fcadcfacaeaff31796bac4e5d1a7406506ae6b73f7ceb
Size

385KB
MD5

77c1470d05822b30b3894da915656292
SHA1

32a4a2ed1e87b340f663d548bdb2cbff9ab4a488
SHA256

ad2a0f655e489907349fcadcfacaeaff31796bac4e5d1a7406506ae6b73f7ceb
SHA512

bb598cd6ec7ed05b77c41db404a9a55224c8f8d142449a72a70b5618cc0588b3ff901fbd51068e572a0d65d1de5c09bbf5b4375606228a4311e887088f1d9de5
SSDEEP

6144:Q+c3mjPqipSnVKkYFmUzS9n4rPY7AC42KibWKUqi+oAVLXHKVZ/1gdxEx5:/XSVKkY4UmR4rPx9kWKUZ+BXyZ/1p

Score

N/A

Malware Config

Signatures

Files

ad2a0f655e489907349fcadcfacaeaff31796bac4e5d1a7406506ae6b73f7ceb
.exe windows x86

6db9358d8992cabdadcdc30e82f87b95

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InterlockedExchange
GetCommandLineA
GetModuleHandleW
FindVolumeClose
GetACP
ResumeThread
LocalFree
ResetEvent
lstrlenA
CreateMutexA
GlobalFree
WriteFile
GetPrivateProfileIntW
VirtualAlloc
CreateEventA
CloseHandle
GetDriveTypeW
GetExitCodeProcess
GetEnvironmentVariableA
GlobalSize

user32

GetSysColor
DrawStateW
GetKeyboardType
CallWindowProcW
GetClassInfoA
CreateWindowExA
DispatchMessageA
GetClientRect
IsWindow
SetFocus
GetSysColor
GetCursorInfo
EndDialog

avicap32

videoThunk32
AppCleanup
videoThunk32
videoThunk32
videoThunk32

sysdm.cpl

NoExecuteAddFileOptOutList

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 412KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 375KB - Virtual size: 375KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy