c82df54dab8f4924ce82ec0dc2f623ad303fbb0a56dcf81de13ce53c37998063 | Triage

Submit
Reports

Overview

overview

Static

static

c82df54dab...63.exe

windows7_x64

c82df54dab...63.exe

windows10-2004_x64

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

c82df54dab8f4924ce82ec0dc2f623ad303fbb0a56dcf81de13ce53c37998063.exe

Resource

win7-20220414-en

taurus discovery spyware stealer trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

c82df54dab8f4924ce82ec0dc2f623ad303fbb0a56dcf81de13ce53c37998063.exe

Resource

win10v2004-20220414-en

taurus discovery spyware stealer trojan

windows10-2004_x64

0 signatures

0 seconds

General

Target

c82df54dab8f4924ce82ec0dc2f623ad303fbb0a56dcf81de13ce53c37998063
Size

1.2MB
MD5

c350b786bfc1908e0a1941c17e00878c
SHA1

8771cdfac861bd7c32fad8dfe22d0ca712f8e77c
SHA256

c82df54dab8f4924ce82ec0dc2f623ad303fbb0a56dcf81de13ce53c37998063
SHA512

25188e552bbbdd3923cf2c1042be653f56306de60e9507f5e1f6f6664c876c54e050b4e31746a96dc1c6bb98379bd8aa4ff961e41d1b189bc6594e4218c29728
SSDEEP

6144:xF+W7fV8xvwJKMzpONrHgkZxglVT98fMnVokxuKWDCfF:xF/mxvwJRzcHgk0qf8zHWD

Score

N/A

Malware Config

Signatures

Files

c82df54dab8f4924ce82ec0dc2f623ad303fbb0a56dcf81de13ce53c37998063
.exe windows x86

cb683767fc797d574f6bf03d495caf48

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
LoadLibraryA
VirtualAlloc
VirtualFree
VirtualProtect
GetModuleHandleA
GetLastError
GetCurrentThread
lstrcmpA
GetCurrentThreadId

user32

GetCaretBlinkTime
GetCursorPos
GetAsyncKeyState
GetActiveWindow
DialogBoxParamW

comctl32

InitCommonControls

advapi32

StartTraceW

ole32

RegisterDragDrop
PropVariantCopy

imagehlp

StackWalk64

oleaut32

VarCyFromUI2
VarI2FromI8
VarCyFromR4
VarR4FromI2

version

VerInstallFileA
GetFileVersionInfoSizeW

shell32

DragQueryFile

oledlg

OleUIBusyA
OleUIChangeSourceA

gdi32

DeleteColorSpace
GetCharacterPlacementA
GetROP2

msimg32

vSetDdrawflag
GradientFill
DllInitialize
AlphaBlend

comdlg32

WantArrows

gdiplus

GdipDeleteBrush
GdipSetImageAttributesColorKeys

winmm

mixerClose

oleacc

LresultFromObject
AccessibleObjectFromPoint
GetRoleTextA

winspool.drv

DeletePrinter
WaitForPrinterChange
EnumPortsA

shlwapi

AssocQueryStringA
StrCatW

Sections

.code
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 50KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2024

Terms | Privacy