6a3a68fc0bdce804775d232d86b19ad1b53fbeeaf1b28faa43f37de0eefc5415 | Triage

Submit
Reports

Overview

overview

Static

static

6a3a68fc0b...15.exe

windows7_x64

6a3a68fc0b...15.exe

windows10-2004_x64

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

6a3a68fc0bdce804775d232d86b19ad1b53fbeeaf1b28faa43f37de0eefc5415.exe

Resource

win7-20220414-en

taurus discovery spyware stealer trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

6a3a68fc0bdce804775d232d86b19ad1b53fbeeaf1b28faa43f37de0eefc5415.exe

Resource

win10v2004-20220414-en

taurus discovery spyware stealer trojan

windows10-2004_x64

0 signatures

0 seconds

General

Target

6a3a68fc0bdce804775d232d86b19ad1b53fbeeaf1b28faa43f37de0eefc5415
Size

257KB
MD5

e54f0b91135f28323ff716b5c392fb74
SHA1

d387b01ecce13dbf05c6ea990a2685093c963211
SHA256

6a3a68fc0bdce804775d232d86b19ad1b53fbeeaf1b28faa43f37de0eefc5415
SHA512

4db49f7be8dfdb9e74bfadd380965fb67b30d3a9b50812f6dabe51e4d98c4c601a11807f2abee5d57ff62dabbe2c72ddedfb682de65ed23ee2a24d6004e0e84b
SSDEEP

3072:ISiaL7egf1a7pqmQbdKdJHJOWkIiN4EDt0j6jpjij+j5jijujfjXjbj8jvjgrBEY:ISi+0pNkCA/Jo4n/Te70MOpl

Score

N/A

Malware Config

Signatures

Files

6a3a68fc0bdce804775d232d86b19ad1b53fbeeaf1b28faa43f37de0eefc5415
.exe windows x86

3fbdffb2b06cb80c85630cf346c5c274

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
LoadLibraryA
VirtualAlloc
VirtualFree
VirtualProtect
GetModuleHandleA
GetLastError
GetCurrentThreadId
lstrcmpA
MoveFileW
GlobalFix
WriteConsoleA

user32

GetGUIThreadInfo
GetCapture
GetKeyboardType
GetCaretBlinkTime
AppendMenuW
CopyRect
NotifyWinEvent

version

VerQueryValueA
VerInstallFileW

gdi32

GetFontData
GetTextExtentExPointI
SetPolyFillMode
CLIPOBJ_cEnumStart
DdEntry40

comdlg32

FindTextA
WantArrows
CommDlgExtendedError
GetFileTitleW

shell32

ShellAboutA
SHCreateShellItem
SHCreateDirectory

winmm

mod32Message
joyGetPos
waveOutWrite
midiInOpen
mmioSetInfo

winspool.drv

AddFormA

advapi32

PrivilegedServiceAuditAlarmA
SystemFunction031
DuplicateTokenEx
LsaSetSystemAccessAccount

Sections

.code
Size: 253KB - Virtual size: 252KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy