a6fde81c99e02940ab27792ff13c0ce3895e1db4b06f5f741d33bf0865800dce | Triage

Submit
Reports

Overview

overview

Static

static

a6fde81c99...ce.exe

windows7-x64

a6fde81c99...ce.exe

windows10-2004-x64

3

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

a6fde81c99e02940ab27792ff13c0ce3895e1db4b06f5f741d33bf0865800dce.exe

Resource

win7-20221111-en

evasion persistence trojan

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

a6fde81c99e02940ab27792ff13c0ce3895e1db4b06f5f741d33bf0865800dce.exe

Resource

win10v2004-20221111-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

a6fde81c99e02940ab27792ff13c0ce3895e1db4b06f5f741d33bf0865800dce
Size

370KB
MD5

75dc8cbccad03a49c001a8722138413b
SHA1

89fdc57e0c1bcef048579108e6c8c95318ad2f1b
SHA256

a6fde81c99e02940ab27792ff13c0ce3895e1db4b06f5f741d33bf0865800dce
SHA512

b0fd999b42fb7aa89a5ef666a9fb0f34d675eeddfa849f260de9c7d96d7cba9d453e4c212364b1894ad948066f2ce2eaaf59bb20452ab806368383990bfafa7f
SSDEEP

6144:0uDeBKecBsNEgXtYtaTexGGRA+VSQl0WgaBmh2Rmg1KBqcAK3:/De0zsNEgXtrOGcA+YQl05EX1KBRAK3

Score

N/A

Malware Config

Signatures

Files

a6fde81c99e02940ab27792ff13c0ce3895e1db4b06f5f741d33bf0865800dce
.exe windows x86

d2fa54d625896bd3a575742209eaf730

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentThreadId
lstrlenW
VirtualQuery
GetStdHandle
SetLastError
CloseHandle
TlsGetValue
DeleteAtom
CreateFileA
GlobalUnlock
HeapCreate
LoadLibraryExW
SetEnvironmentVariableA
CreateMutexA
GetExitCodeProcess
GlobalFree
ReleaseMutex
FindResourceA
GetPriorityClass
GetModuleHandleA

user32

DrawMenuBar
CallWindowProcA
IsWindow
CreateWindowExA
DrawEdge
GetDlgItem
GetDC
FillRect
DispatchMessageA
CreateMenu
CheckRadioButton
SetFocus
GetIconInfo

ntshrui

GetLocalPathFromNetResourceA
GetNetResourceFromLocalPathA
IsPathSharedA
SetFolderPermissionsForSharing
IsPathSharedW

msasn1

ASN1BERDecEoid

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 424KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 343KB - Virtual size: 344KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy