bab4a86b00c96612abc4938712c7cb81a688d1b4ea178985fbb5cea6a1a09f70 | Triage

Submit
Reports

Overview

overview

Static

static

bab4a86b00...70.exe

windows7-x64

bab4a86b00...70.exe

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

bab4a86b00c96612abc4938712c7cb81a688d1b4ea178985fbb5cea6a1a09f70.exe

Resource

win7-20221111-en

evasion persistence trojan

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

bab4a86b00c96612abc4938712c7cb81a688d1b4ea178985fbb5cea6a1a09f70.exe

Resource

win10v2004-20221111-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

bab4a86b00c96612abc4938712c7cb81a688d1b4ea178985fbb5cea6a1a09f70
Size

450KB
MD5

f8275282b6541e7c67fb66e85dafa773
SHA1

e54575571ead06fe88388ea34c8566541378ad6a
SHA256

bab4a86b00c96612abc4938712c7cb81a688d1b4ea178985fbb5cea6a1a09f70
SHA512

8c9d3280c6d08b5aa06b0c7e3c35342717f8e44de3b26a31b4b5fe8717dd0eb8a06b285de8204dcb6c38a3c5f13b21b0f58907d6e884c8707bbb7c275f140c99
SSDEEP

12288:5+02LdgiUHAoGac2ou8R30sjd9j2uU4OXwehfNA:5G5FUfBlo5306j9UpXweh2

Score

N/A

Malware Config

Signatures

Files

bab4a86b00c96612abc4938712c7cb81a688d1b4ea178985fbb5cea6a1a09f70
.exe windows x86

fd4fb1535e71249f5b9075440664bed0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LocalSize
CloseHandle
GetDriveTypeA
CreateSemaphoreA
VirtualQuery
GetModuleFileNameA
CreateDirectoryA
GetCurrentDirectoryW
FindVolumeClose
GetCurrentThreadId
FindClose
IsBadReadPtr
HeapFree
WriteFile
GetCommandLineA
GetFileAttributesA
ExitThread
GetFileTime
WaitForMultipleObjects
CancelIo
FindVolumeClose
HeapCreate
GetFileType
GetModuleHandleA
lstrlenA

uxtheme

CloseThemeData
GetThemeSysSize
IsThemeActive
GetThemeTextExtent
DrawThemeBackground
GetThemeBool
DrawThemeEdge
GetWindowTheme
OpenThemeData
SetWindowTheme
GetThemeTextMetrics
CloseThemeData
GetThemeColor

fmifs

Extend
Extend
Extend
Extend

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 608KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 443KB - Virtual size: 443KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy