644026915215b3af039afdc0dd2026d20a931dc2f1d32ad8dddec5d3df95dae8 | Triage

Submit
Reports

Overview

overview

Static

static

6440269152...e8.exe

windows7-x64

6440269152...e8.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

644026915215b3af039afdc0dd2026d20a931dc2f1d32ad8dddec5d3df95dae8.exe

Resource

win7-20220812-en

evasion persistence trojan vmprotect

windows7-x64

19 signatures

150 seconds

Behavioral task

behavioral2

Sample

644026915215b3af039afdc0dd2026d20a931dc2f1d32ad8dddec5d3df95dae8.exe

Resource

win10v2004-20220812-en

evasion persistence trojan vmprotect

windows10-2004-x64

20 signatures

150 seconds

General

Target

644026915215b3af039afdc0dd2026d20a931dc2f1d32ad8dddec5d3df95dae8
Size

1.8MB
MD5

acd907e8509939e64e0a8bd0d411d0ff
SHA1

beddb446231215140696cbb6c090bbc3ad7f6ab3
SHA256

644026915215b3af039afdc0dd2026d20a931dc2f1d32ad8dddec5d3df95dae8
SHA512

f96d851b4bd82f2e4c7ec70358a5031800f521d7b209c9ab15648279968894d0e69520ae179e68909a90e5ccc59d31c07a7f5a909df0404abe5112202ece29f6
SSDEEP

49152:BRwkhvTiZWvWOubtHjzRjmotpSTCcsrUYNuy6BJO0wW4:BRbv+dP5HjdSTCjrpuXBJO1W4

Score

N/A

Malware Config

Signatures

Files

644026915215b3af039afdc0dd2026d20a931dc2f1d32ad8dddec5d3df95dae8
.exe windows x86

2625fab3b6e96fc2372288ce61b2deac

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetFileAttributesA
FreeResource
CloseHandle
WriteFile
SizeofResource
SetFileTime
LocalFileTimeToFileTime
SystemTimeToFileTime
CreateFileA
LoadResource
FindResourceA
DeleteFileA
WinExec
CopyFileA
ReadFile
SetFilePointer
ResumeThread
CreateProcessA
lstrcatA
SetThreadPriority
GetCurrentThread
SetPriorityClass
GetCurrentProcess
GetEnvironmentVariableA
GetShortPathNameA
GetModuleFileNameA
Sleep
FreeLibrary
WaitForSingleObject
GetProcAddress
LoadLibraryA
GetTempPathA
CreateThread
GetModuleHandleA
GetStartupInfoA

user32

wsprintfA

shell32

StrStrIA
ShellExecuteA

msvcrt

_controlfp
memset
fclose
fwrite
strlen
fopen
strcat
strcpy
free
malloc
memcpy
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy