af55a445b41c4ecffdc7a376182b9212fb4c9dd1f0f22ef263f9382325efb31c | Triage

Submit
Reports

Overview

overview

Static

static

af55a445b4...1c.exe

windows7-x64

af55a445b4...1c.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

af55a445b41c4ecffdc7a376182b9212fb4c9dd1f0f22ef263f9382325efb31c.exe

Resource

win7-20221111-en

evasion persistence trojan

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

af55a445b41c4ecffdc7a376182b9212fb4c9dd1f0f22ef263f9382325efb31c.exe

Resource

win10v2004-20221111-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

af55a445b41c4ecffdc7a376182b9212fb4c9dd1f0f22ef263f9382325efb31c
Size

367KB
MD5

6b007911853e39dd46093d254e319a12
SHA1

037c75068c5bdd417b19f18bd7c7d5e0de3b9480
SHA256

af55a445b41c4ecffdc7a376182b9212fb4c9dd1f0f22ef263f9382325efb31c
SHA512

47d8bc34f52ad23b39ba8c278bcfafb15fe8ff80aa261e9991ac97cb3abad31ca1bf5367725cefad696340b5a283b0d53fa8035fa119c13b6e3b6f591f61a133
SSDEEP

6144:Pg/4HduNvC0agNm9lIPJ2WNDT3oCpLGAcl+DegosQSm/SjJwbK+TfgPIn+j:O4HduNvCZ9lIPcW93oyGd6e3sg8JT+bx

Score

N/A

Malware Config

Signatures

Files

af55a445b41c4ecffdc7a376182b9212fb4c9dd1f0f22ef263f9382325efb31c
.exe windows x86

21f78a341b82401ec222ed48d229b239

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentThreadId
TerminateThread
LocalFree
HeapCreate
ReleaseMutex
CloseHandle
GetModuleHandleA
GlobalUnlock
SetLastError
SetEnvironmentVariableA
lstrlenW
CreateMutexA
FindResourceA
GetPriorityClass
GetStdHandle
LoadLibraryExW
GetConsoleMode
CreateFileA
TlsGetValue
Sleep

user32

DrawEdge
DrawMenuBar
GetIconInfo
CallWindowProcA
GetDlgItem
IsWindow
SetFocus
FillRect
GetDC
DispatchMessageA
CopyRect
CheckRadioButton
GetCaretPos

apphelp

SdbGetDatabaseID
SdbCloseDatabase
SdbFindNextTag
ApphelpCheckIME
SdbFindFirstTag

clbcatq

ComPlusMigrate

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 428KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 343KB - Virtual size: 344KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy