fae92576b965df8f7261e4be35d8330b8bc254952281117d0a9d094fb723f151 | Triage

Submit
Reports

Overview

overview

Static

static

fae92576b9...51.exe

windows7-x64

fae92576b9...51.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

fae92576b965df8f7261e4be35d8330b8bc254952281117d0a9d094fb723f151.exe

Resource

win7-20220901-en

evasion persistence trojan

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

fae92576b965df8f7261e4be35d8330b8bc254952281117d0a9d094fb723f151.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

fae92576b965df8f7261e4be35d8330b8bc254952281117d0a9d094fb723f151
Size

381KB
MD5

ac2f0088a4b781a134c1607406fd424c
SHA1

41f90c6020b67172e31e8a6410d659e1cb21d840
SHA256

fae92576b965df8f7261e4be35d8330b8bc254952281117d0a9d094fb723f151
SHA512

1132d33f5a70f6e0505b1331a18e2caf15c6c214eedb214cf508ebfcb3234068559686e555ccc509bfa1243898b1b9213f41f3b73b69e0534c9d344b2ec4ba3e
SSDEEP

6144:QRMsxt0HEAT1fxhcMxW2pL7lv6w2K/PkFtR6sFHYnHFWhTyHVEOSQTQiJY7jM56g:QRMsMHEAJLjpFv6w2K/PkFtlVMHFWg10

Score

N/A

Malware Config

Signatures

Files

fae92576b965df8f7261e4be35d8330b8bc254952281117d0a9d094fb723f151
.exe windows x86

cf3a7e6a775d68d4712fb6b56ddde1e9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReleaseMutex
FindClose
InitializeCriticalSection
IsBadStringPtrW
LocalFree
WriteFile
GetPrivateProfileStringA
GetCurrentProcessId
ReleaseMutex
TlsGetValue
GetFileTime
GlobalFlags
CreateEventW
GetDriveTypeA
GetCurrentThreadId
HeapCreate
CloseHandle
GetEnvironmentVariableW
lstrlenW
LoadLibraryW

user32

EndDialog
DrawTextA
DrawStateW
IsWindow
CallWindowProcW
GetClassInfoA
GetKeyboardType
DispatchMessageA
SetFocus
GetClientRect
GetSysColor
CreateWindowExA
GetSysColor

pnrpnsp

NSPStartup
NSPStartup
NSPStartup
NSPStartup
NSPStartup

advapi32

InitializeSid

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 416KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 371KB - Virtual size: 370KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy