185d2a2ab0eb9df19371309dc8406efebc4dbe3d1721186eb7017b4931a16028 | Triage

Submit
Reports

Overview

overview

8

Static

static

185d2a2ab0...28.exe

windows7-x64

8

185d2a2ab0...28.exe

windows10-2004-x64

8

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

185d2a2ab0eb9df19371309dc8406efebc4dbe3d1721186eb7017b4931a16028.exe

Resource

win7-20220901-en

persistence spyware stealer upx

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

185d2a2ab0eb9df19371309dc8406efebc4dbe3d1721186eb7017b4931a16028.exe

Resource

win10v2004-20220812-en

persistence spyware stealer upx

windows10-2004-x64

5 signatures

150 seconds

General

Target

185d2a2ab0eb9df19371309dc8406efebc4dbe3d1721186eb7017b4931a16028
Size

173KB
MD5

8102b31c7a0df2662ac7c9166007bcf3
SHA1

434a720371ec5dc88950d0aefb906c6f89ef5506
SHA256

185d2a2ab0eb9df19371309dc8406efebc4dbe3d1721186eb7017b4931a16028
SHA512

7076e6d6b13effcc464750e794ad8ec07f3c3aeda6fe3233cdef23cf302fc6b822d719bcaf3c08f793173e7c91da486809d516ab9fe20bd2cb6d09b5c85ff9be
SSDEEP

3072:5QIebHA88I2yY0QyxZ6z/Dupxe+7C9l8F42EndaEyL2M1DviDQjadiRrZxhJ6qRu:rebHALITYjr8p7ml8FQnda32mbjaCNxo

Score

N/A

Malware Config

Signatures

Files

185d2a2ab0eb9df19371309dc8406efebc4dbe3d1721186eb7017b4931a16028
.exe windows x86

2e58d2a738a376f58573e133dea36c1b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

mciSendCommandA
sndPlaySoundA

oleacc

LresultFromObject
CreateStdAccessibleObject

advapi32

RegSetValueExA
RegCloseKey
RegOpenKeyExA
RegCreateKeyExA
RegQueryValueExA

kernel32

WideCharToMultiByte
MultiByteToWideChar
Sleep
GetCurrentThreadId
GetAtomNameW
GetStartupInfoW
GetSystemTimeAsFileTime
GetModuleHandleW
GetCurrentProcess
UnhandledExceptionFilter
lstrlenA
GetACP
RaiseException
InterlockedExchange
GetEnvironmentVariableW
InterlockedCompareExchange
EnumResourceNamesA
IsDebuggerPresent
GetTickCount
CreateProcessW
GetCurrentProcessId
QueryMemoryResourceNotification
SetUnhandledExceptionFilter
LocalAlloc
QueryPerformanceCounter
TerminateProcess
GetLocaleInfoW
lstrlenW
GetThreadLocale

setupapi

InstallCatalog
CMP_WaitNoPendingInstallEvents
SetupDiGetDeviceRegistryPropertyW
CM_Get_DevNode_Status

shlwapi

PathAddBackslashA

Sections

.text
Size: 89KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy