2024-10-11_03a5ea04ef15bca68edf74f38463087e_hiddentear | Triage

Submit
Reports

Overview

overview

Static

static

1

2024-10-11...ar.exe

windows7-x64

2024-10-11...ar.exe

windows10-2004-x64

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

2024-10-11_03a5ea04ef15bca68edf74f38463087e_hiddentear.exe

Resource

win7-20240903-en

hawkeye collection discovery keylogger persistence spyware stealer trojan

windows7-x64

14 signatures

150 seconds

Behavioral task

behavioral2

Sample

2024-10-11_03a5ea04ef15bca68edf74f38463087e_hiddentear.exe

Resource

win10v2004-20241007-en

hawkeye collection discovery keylogger persistence spyware stealer trojan

windows10-2004-x64

16 signatures

150 seconds

General

Target

2024-10-11_03a5ea04ef15bca68edf74f38463087e_hiddentear
Size

660KB
MD5

03a5ea04ef15bca68edf74f38463087e
SHA1

ce7ffb5982cb5c5a66854d4931c6be802b06cf3e
SHA256

0dfb3176683efa54883d71a9c575d15f2fcee4293e53dd99db71d9bdfed9913f
SHA512

5f9df5ec1e8338ef0935329decce78f1699dd835a48faacb869212c72e8fef0b6384c8c0e12abf19f41edd76366e9b9ee55152550025839a348ecd3ebde4b706
SSDEEP

12288:u2hpKuNFgElu1Wt2yAS6yFQTWnk1q1vvG2eZkmMwP3OI4kDkRpzA8aR:u2HKQNlZtlAS6yFMOPTVsqrAF

Score

1^/10

Malware Config

Signatures

Files

2024-10-11_03a5ea04ef15bca68edf74f38463087e_hiddentear
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Code Sign

6c:7c:17:23:38:1a:15:a4:41:61:85:1a:89:4b:f5:45
Certificate

Issuer

CN=SmartFTP Client

Not Before

02-01-2014 12:56

Not After

02-01-2114 12:56

Subject

CN=SmartFTP Client

ed:f1:5d:57:79:80:fb:e5:c8:70:c3:52:6d:c4:b3:59:06:d3:29:76
Signer

Actual PE Digest

ed:f1:5d:57:79:80:fb:e5:c8:70:c3:52:6d:c4:b3:59:06:d3:29:76

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 554KB - Virtual size: 554KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 104KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy