sample_packed[.]exe | Triage

Submit
Reports

Overview

overview

Static

static

sample_packed.exe

windows10-2004_x64

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

sample_packed.exe

Resource

win10v2004-20220414-en

qakbot spx133 1591267427 banker stealer trojan

windows10-2004_x64

0 signatures

0 seconds

General

Target

sample_packed.exe
Size

325KB
MD5

e1205ef15da2dbecb57b40ce43abe0f8
SHA1

8525f7a7218923302f97f4eb3865a1e20c271521
SHA256

a5f9efbd8eb8dbadaead5328b9e1f3ace32e1b92f2772048cac6d455b8810d4c
SHA512

d963263077611a27a663a97853cba3bb1031f4ba051129f08b2bb702b1a4e7b5e9e701cf08032b0c5d4fe4247bc18978b159e8d4900d3f3c0f392eb80d4551eb
SSDEEP

6144:dTCOvUUJjejrtFq4Z05fwJome46ujzFUWrCdgO//k5yKKYwoZx:BCOvwhqfwampzFvCdgO3ZIwoZ

Score

N/A

Malware Config

Signatures

Files

sample_packed.exe
.exe windows x86

4530a8f7af9ac0c1b8ba720b1860a723

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

user32

GetDC

gdi32

Arc

comdlg32

PrintDlgW

advapi32

FreeSid

shell32

DragFinish

ole32

OleRun

shlwapi

StrChrIA

comctl32

ImageList_Add

Sections

.MPRESS1
Size: 295KB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2024

Terms | Privacy