162f0d7c9a6c1e6c3887f88d049f1a5118b8b413a3771e7baa1a16e8c2a1a02f | Triage

Submit
Reports

Overview

overview

Static

static

162f0d7c9a...2f.exe

windows7-x64

162f0d7c9a...2f.exe

windows10-2004-x64

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

162f0d7c9a6c1e6c3887f88d049f1a5118b8b413a3771e7baa1a16e8c2a1a02f.exe

Resource

win7-20221111-en

evasion persistence trojan

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

162f0d7c9a6c1e6c3887f88d049f1a5118b8b413a3771e7baa1a16e8c2a1a02f.exe

Resource

win10v2004-20221111-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

162f0d7c9a6c1e6c3887f88d049f1a5118b8b413a3771e7baa1a16e8c2a1a02f
Size

450KB
MD5

0e0e16fc785825e7d80afa2909ca2dfb
SHA1

875db0b44e4cdc73cd05cf599456e96b6f3897cc
SHA256

162f0d7c9a6c1e6c3887f88d049f1a5118b8b413a3771e7baa1a16e8c2a1a02f
SHA512

8565f7bbff9fe76b14c59dbd0066640ba3dce34f96da230cc927ab84b49e19c73e4892cb6661273ca294b45aeaf95f54751c34515063a49ad10078dbd4390316
SSDEEP

12288:MumMK8GRMApv4h2Ywm8rRuxYdeJvdnO2Yj:bbwzQkYvORheJvt5Y

Score

N/A

Malware Config

Signatures

Files

162f0d7c9a6c1e6c3887f88d049f1a5118b8b413a3771e7baa1a16e8c2a1a02f
.exe windows x86

dc48621d2172f2df8de1a9ce902873e5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetLastError
ReadFile
FindClose
GetCommandLineW
GlobalLock
MapViewOfFile
GetEnvironmentVariableW
WaitForMultipleObjects
SetLastError
GetCommandLineA
GetCurrentDirectoryW
GetFileAttributesA
GetFileType
GetFileTime
lstrlenA
GetDriveTypeA
GlobalSize
GetModuleHandleA
IsBadReadPtr
CloseHandle
HeapCreate
HeapFree
EnterCriticalSection
SetFileAttributesW
ExitThread

uxtheme

CloseThemeData
DrawThemeBackground
GetThemeTextMetrics
GetThemeEnumValue
GetWindowTheme
GetThemeTextExtent
DrawThemeEdge
SetWindowTheme
IsThemeActive
GetThemeBool
OpenThemeData
CloseThemeData
GetThemeColor

dmocx

DllCanUnloadNow
DllCanUnloadNow
DllCanUnloadNow
DllCanUnloadNow

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 604KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 443KB - Virtual size: 442KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2024

Terms | Privacy