feacde88e189f37d001e1354fbf800ddf326bf94131f6d471705d8018778c0b1 | Triage

Submit
Reports

Overview

overview

Static

static

feacde88e1...b1.exe

windows7-x64

feacde88e1...b1.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

feacde88e189f37d001e1354fbf800ddf326bf94131f6d471705d8018778c0b1.exe

Resource

win7-20220812-en

evasion persistence trojan

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

feacde88e189f37d001e1354fbf800ddf326bf94131f6d471705d8018778c0b1.exe

Resource

win10v2004-20220812-en

evasion persistence trojan

windows10-2004-x64

11 signatures

150 seconds

General

Target

feacde88e189f37d001e1354fbf800ddf326bf94131f6d471705d8018778c0b1
Size

391KB
MD5

3772c65c673e1c4b7761dc1683ce95cc
SHA1

aaa71559acc75b4c9f658bca4de44de225d6bf76
SHA256

feacde88e189f37d001e1354fbf800ddf326bf94131f6d471705d8018778c0b1
SHA512

6dc293e5b9feca8f25e56163f34a0a437994f14b4614ab494b4bfcc248c36c06d64c0c67c65a98036c6460455e62735ee236987db843db38804e2b78c311af11
SSDEEP

12288:QDSCFbPnR0mnxaCEOMT0hiFoj2rd52Fldkh:WsQMT0fq2Kh

Score

N/A

Malware Config

Signatures

Files

feacde88e189f37d001e1354fbf800ddf326bf94131f6d471705d8018778c0b1
.exe windows x86

e44b63c5dcaff8a98e2181a47ccf88c8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileSize
LeaveCriticalSection
lstrlenW
GetTickCount
RemoveDirectoryA
GetModuleHandleA
CreateDirectoryW
VirtualProtectEx
TlsGetValue
CancelIo
GetStartupInfoA
GetConsoleTitleW
GetModuleFileNameA
CloseHandle
CreateFileA
InitializeCriticalSection
ReadFile
EnterCriticalSection
GlobalFree
GetCalendarInfoA
GetCommandLineW
Sleep
CancelIo
WriteConsoleW
DeleteFileA

user32

PeekMessageA
IsWindowEnabled
GetWindowLongA
GetWindowLongA
MessageBoxA
wsprintfA
DestroyMenu
IsWindow
DispatchMessageA
GetSysColor
CreateIcon
GetClassInfoA
IsWindowVisible

cryptdlg

CertTrustCertPolicy
CertTrustInit
CertTrustCleanup
CertConfigureTrustA

advapi32

RegCloseKey

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 382KB - Virtual size: 924KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy