c6ab00d7f799e0d483903cc79f9690a479e6a87c1aa021e37807cf28732fee08 | Triage

Submit
Reports

Overview

overview

Static

static

c6ab00d7f7...08.exe

windows7-x64

c6ab00d7f7...08.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

c6ab00d7f799e0d483903cc79f9690a479e6a87c1aa021e37807cf28732fee08.exe

Resource

win7-20220901-en

evasion persistence trojan

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

c6ab00d7f799e0d483903cc79f9690a479e6a87c1aa021e37807cf28732fee08.exe

Resource

win10v2004-20221111-en

evasion persistence trojan

windows10-2004-x64

9 signatures

150 seconds

General

Target

c6ab00d7f799e0d483903cc79f9690a479e6a87c1aa021e37807cf28732fee08
Size

32KB
MD5

45f5265052f887be30a226cbe949f3e7
SHA1

8a66a4a5352154ac22a6fe307543d30b528d638c
SHA256

c6ab00d7f799e0d483903cc79f9690a479e6a87c1aa021e37807cf28732fee08
SHA512

d1b09f0d8e2e917ac78e3d4534ac7239176269e466a06d1a3a8ff8103472c1e19e08d14bab451fe670fe21948da3d338c3e475f3bcde52cf88256e586c905c1d
SSDEEP

384:eQZFbSKQ4ABdh6oPWAe1jO/CDUEhWdimqvUnMnY:e9VrAoPo1jO/UsdFqvLnY

Score

N/A

Malware Config

Signatures

Files

c6ab00d7f799e0d483903cc79f9690a479e6a87c1aa021e37807cf28732fee08
.exe windows x86

053b7eb6fa26f367a8e3e824bd902ce6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLocalTime
GetTimeZoneInformation
ReadFile
DeleteFileA
VirtualAlloc
VirtualFree
TerminateThread
GetProcAddress
ExitProcess
GetLastError
GetSystemTime
Sleep
CreateMutexA
LoadLibraryA
GetModuleHandleA
GetCommandLineA
SetCurrentDirectoryA
WriteFile
CloseHandle
GetTickCount
CreateFileA
ExitThread
GetModuleFileNameA
ExpandEnvironmentStringsA
ReleaseMutex
SetFilePointer

wininet

HttpOpenRequestA
HttpSendRequestA
HttpQueryInfoA
InternetReadFile
InternetConnectA
InternetCloseHandle
InternetOpenA

advapi32

ControlService
OpenSCManagerA
OpenServiceW
CloseServiceHandle

ntdll

RtlRandom
strstr
atoi
strncpy
_chkstk
memset
memcpy
_itoa
sprintf
_stricmp

ws2_32

inet_addr
gethostname

Sections

.text
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy