7670bee1b28980e27f0800ec047284fa59799ad67922b617510f6b2256d9f79d | Triage

Submit
Reports

Overview

overview

Static

static

7670bee1b2...9d.exe

windows7_x64

7670bee1b2...9d.exe

windows10-2004_x64

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

7670bee1b28980e27f0800ec047284fa59799ad67922b617510f6b2256d9f79d.exe

Resource

win7-20220414-en

taurus discovery spyware stealer trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

7670bee1b28980e27f0800ec047284fa59799ad67922b617510f6b2256d9f79d.exe

Resource

win10v2004-20220414-en

taurus discovery spyware stealer trojan

windows10-2004_x64

0 signatures

0 seconds

General

Target

7670bee1b28980e27f0800ec047284fa59799ad67922b617510f6b2256d9f79d
Size

333KB
MD5

acb92f7694272acf1d8d3662016069c1
SHA1

53408b411de5d99a615ee7b6855957d7342d3bca
SHA256

7670bee1b28980e27f0800ec047284fa59799ad67922b617510f6b2256d9f79d
SHA512

e4e5cf0148e77df316c95f4e1b75f73903c4f4e68043cd9ed298da8a7b5701461331a035bc25803be6719606338762c755fedcaf66341cb73948f61ed176bad6
SSDEEP

3072:oVnnAr+Ct5ZJLhmcJSPCkW+EWcNncmVEj9LgiVeD1ajUsrz6vC6LgP1iD0QRb6rt:2n7+JLhmDCX+EWzbjUJvl8Psb8M90X

Score

N/A

Malware Config

Signatures

Files

7670bee1b28980e27f0800ec047284fa59799ad67922b617510f6b2256d9f79d
.exe windows x86

e8dd9466e0de7479048fef52e217913f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
LoadLibraryA
VirtualAlloc
VirtualFree
VirtualProtect
GetModuleHandleA
lstrcmpA
RequestWakeupLatency
QueryPerformanceFrequency

user32

ShowCursor
SetFocus
SetWindowPos
GetAsyncKeyState
SetCursor
ShowWindow
GetCursorPos
GetCapture
GetGUIThreadInfo
GetActiveWindow

shlwapi

PathIsSameRootW
UrlApplySchemeW

oledlg

OleUIBusyW
OleUIPromptUserA

winspool.drv

ConfigurePortW
DeletePrintProvidorA
GetPrintProcessorDirectoryW
SetFormW

oleaut32

VarDecFix
VarFormatCurrency

comdlg32

dwLBSubclass
PageSetupDlgA

gdiplus

GdipPathIterIsValid
GdipCreateRegionHrgn

msimg32

DllInitialize
TransparentBlt

advapi32

ConvertSecurityDescriptorToAccessNamedA

oleacc

DllUnregisterServer
AccessibleObjectFromPoint
GetStateTextA

ole32

WriteOleStg

Sections

.code
Size: 324KB - Virtual size: 323KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 257KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy