679119f9f4ade7a88a2e9290ba280eb47b512b9cf6b04452b8e954a5db7a73d2 | Triage

Submit
Reports

Overview

overview

Static

static

679119f9f4...d2.exe

windows7-x64

679119f9f4...d2.exe

windows10-2004-x64

1

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

679119f9f4ade7a88a2e9290ba280eb47b512b9cf6b04452b8e954a5db7a73d2.exe

Resource

win7-20221111-en

evasion persistence trojan

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

679119f9f4ade7a88a2e9290ba280eb47b512b9cf6b04452b8e954a5db7a73d2.exe

Resource

win10v2004-20221111-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

679119f9f4ade7a88a2e9290ba280eb47b512b9cf6b04452b8e954a5db7a73d2
Size

325KB
MD5

ee18ff995cfe7d4b80e6df14f4161af9
SHA1

989715d805c7a7079b2290e0f0af5376b61146f2
SHA256

679119f9f4ade7a88a2e9290ba280eb47b512b9cf6b04452b8e954a5db7a73d2
SHA512

b1779b04b852312acb1b8c04ee15319f9a0d9621cbd4b43cfa004c384ea732027a3777d529b97f5d6de6ddfaeeedf4d0fba971e390736f0df7da8cdddc20deb1
SSDEEP

6144:pgpd5NG3XXnRI2RZfdM5rkVYIWNJnXyEtBfCvoK8CUmt6CAWctDpv:pgP/IXRIGdMNkiIEJnXWzbUVtWctDpv

Score

N/A

Malware Config

Signatures

Files

679119f9f4ade7a88a2e9290ba280eb47b512b9cf6b04452b8e954a5db7a73d2
.exe windows x86

9e34a75f9fd72e69b2fca8cb32729e20

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetComputerNameA
GetExitCodeProcess
GetTickCount
GetSystemTime
LoadLibraryW
CloseHandle
SetLastError
CreateFileA
CreateThread
ResetEvent
GetFileAttributesA
SetEvent
SuspendThread
HeapCreate
GetCommandLineW
FindAtomA
TlsGetValue
GetDiskFreeSpaceW
GetModuleHandleA
LocalFree

advapi32

RegCreateKeyExA
RegEnumValueA
IsTokenRestricted
CredFree
RegEnumKeyExA
GetLengthSid
CreateServiceW
GetUserNameW
RegDeleteKeyA
CloseEventLog
RegQueryValueA
GetFileSecurityA
RegCloseKey

cryptui

WizardFree
CryptUIDlgSelectStoreA
CryptUIDlgCertMgr
LocalEnroll
CryptUIDlgSelectCA

powercfg.cpl

CPlApplet

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1KB - Virtual size: 428KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 315KB - Virtual size: 314KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy