e1fa1c5bb331b658f0cb67ca67f8bf58fc61be537bae914265e29fcc9078b0af | Triage

Submit
Reports

Overview

overview

Static

static

e1fa1c5bb3...af.exe

windows7-x64

e1fa1c5bb3...af.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

e1fa1c5bb331b658f0cb67ca67f8bf58fc61be537bae914265e29fcc9078b0af.exe

Resource

win7-20221111-en

evasion persistence trojan

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

e1fa1c5bb331b658f0cb67ca67f8bf58fc61be537bae914265e29fcc9078b0af.exe

Resource

win10v2004-20221111-en

evasion persistence trojan

windows10-2004-x64

13 signatures

150 seconds

General

Target

e1fa1c5bb331b658f0cb67ca67f8bf58fc61be537bae914265e29fcc9078b0af
Size

63KB
MD5

45251c1dfcf3dbc3a88c0618f3f45138
SHA1

ece9cce8fe80b7f0f8c5b31d4a836265fd6d9680
SHA256

e1fa1c5bb331b658f0cb67ca67f8bf58fc61be537bae914265e29fcc9078b0af
SHA512

42ca1a7591597fdd4d456c9d0ba6fee0da2346862d8438adb0e5457019e83b56e038607955b09c01c3d4021848db7c0555e9b18f8ca1577c2171b9ae4e3a6699
SSDEEP

768:594XD3fzw344fNXJX99SpZ4zAW3nYjaOtIUY7pG+EJjiXdJBCe:594XDvsnnX9IYmjWUDZe

Score

N/A

Malware Config

Signatures

Files

e1fa1c5bb331b658f0cb67ca67f8bf58fc61be537bae914265e29fcc9078b0af
.exe windows x86

2a6b80c7a2d64fde3f54c98f88f3fe3c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

closesocket
WSALookupServiceNextA
accept
WSACleanup
WSAStartup
listen

kernel32

FindResourceA
GetModuleHandleA
EnumResourceNamesA
VirtualAlloc
LockResource
ExitProcess
EnumTimeFormatsA
GetStartupInfoA
EnumResourceTypesA
CommConfigDialogA

ole32

BindMoniker
CLIPFORMAT_UserFree
PropVariantChangeType
CoInvalidateRemoteMachineBindings
CoGetCallerTID

Sections

CODE
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: - Virtual size: 433B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 92KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 720B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 592B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 51KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy