c5bb4d48b5eb162bbb8966a1bf1f6c79500760f423f83cfd94f7d788b642acda | Triage

Submit
Reports

Overview

overview

Static

static

c5bb4d48b5...da.exe

windows7-x64

c5bb4d48b5...da.exe

windows10-2004-x64

3

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

c5bb4d48b5eb162bbb8966a1bf1f6c79500760f423f83cfd94f7d788b642acda.exe

Resource

win7-20220901-en

evasion persistence trojan

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

c5bb4d48b5eb162bbb8966a1bf1f6c79500760f423f83cfd94f7d788b642acda.exe

Resource

win10v2004-20221111-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

c5bb4d48b5eb162bbb8966a1bf1f6c79500760f423f83cfd94f7d788b642acda
Size

392KB
MD5

07e5601fae4d721025288c81fda73c82
SHA1

095c2cf130901c511250c24d60108bedb9f9e21e
SHA256

c5bb4d48b5eb162bbb8966a1bf1f6c79500760f423f83cfd94f7d788b642acda
SHA512

40b33ae05c325b3a8515a506cdf3f1d93564cd76dfec7a8623468ffaea886f135115cadcf32a335aee621268fb8f37faa442816bc3c754495189fc38ff25bb27
SSDEEP

12288:6vxQth/XqhLtlcmb5TZ/GawLXYcWoodp2:AovqhJlcmNTZEJm2

Score

N/A

Malware Config

Signatures

Files

c5bb4d48b5eb162bbb8966a1bf1f6c79500760f423f83cfd94f7d788b642acda
.exe windows x86

3aaf2780a61260076f11440d47c026b2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetLastError
LoadLibraryExA
CreateMutexA
FindClose
IsBadCodePtr
LocalUnlock
GetACP
SetVolumeMountPointA
HeapDestroy
ExitProcess
UnmapViewOfFile
FindResourceA
HeapCreate
GetModuleHandleA
CreateFileA
FreeEnvironmentStringsA
TlsGetValue
LocalFree
GetLastError
FreeConsole

user32

GetFocus
GetDC
CheckRadioButton
DrawEdge
DispatchMessageA
DrawMenuBar
GetDlgItem
GetIconInfo
CallWindowProcA
CopyRect
FillRect
IsWindow
DefWindowProcW

uxtheme

DrawThemeEdge
GetThemeSysInt
DrawThemeIcon
GetThemeRect
DrawThemeText

clbcatq

SetupOpen

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy