995ef8e4d150db577bc08eb10efdb275e8b29a271f5b64a09bd71ad91dba9204 | Triage

Submit
Reports

Overview

overview

Static

static

995ef8e4d1...04.exe

windows7-x64

995ef8e4d1...04.exe

windows10-2004-x64

3

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

995ef8e4d150db577bc08eb10efdb275e8b29a271f5b64a09bd71ad91dba9204.exe

Resource

win7-20220812-en

evasion persistence trojan

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

995ef8e4d150db577bc08eb10efdb275e8b29a271f5b64a09bd71ad91dba9204.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

995ef8e4d150db577bc08eb10efdb275e8b29a271f5b64a09bd71ad91dba9204
Size

391KB
MD5

e34daccc3e7b6d8252784a52218d506c
SHA1

7a43fd5668325bf2ccf3fdf0db73a720b9dc7bd0
SHA256

995ef8e4d150db577bc08eb10efdb275e8b29a271f5b64a09bd71ad91dba9204
SHA512

fadd5c376aa0e02294ecdef1ff8e13cafab9d2f57843ebf8338cef97350e4e7dfc162312799c0839d508fb0b467890b0c5cb27d2e2df98ec0bf98e4e37b01849
SSDEEP

12288:pQBpORMwHEAJLjpFv6w2K/PkFtlVMHFWg1EOfoMzCc3Sa0n:aTORMwkAJLjpFvN/ytkjEOfoMWN

Score

N/A

Malware Config

Signatures

Files

995ef8e4d150db577bc08eb10efdb275e8b29a271f5b64a09bd71ad91dba9204
.exe windows x86

83fdc2b4c9d5b9dd865a7abc2c1381a0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

IsBadStringPtrW
HeapCreate
GetEnvironmentVariableW
GetCurrentThreadId
lstrlenW
ReleaseMutex
GetFileTime
WriteFile
CreateEventW
GetCurrentProcessId
ReleaseMutex
InitializeCriticalSection
GlobalFlags
FindAtomA
LocalFree
GetDriveTypeA
GetPrivateProfileStringA
LoadLibraryW
TlsGetValue
FindClose

user32

DrawStateW
IsWindow
CreateWindowExA
GetKeyboardType
DispatchMessageA
SetFocus
GetClientRect
GetSysColor
DrawTextA
EndDialog
GetClassInfoA
GetSysColor
CallWindowProcW

rastapi

DeviceDone
DeviceDone
DeviceDone
DeviceDone
DeviceDone

advapi32

InitializeSid

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 404KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 381KB - Virtual size: 380KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy