b948e1618adc12ed3de653f7cdf8d790137b1fd0bf929f49c5461db1905a5f03 | Triage

Submit
Reports

Overview

overview

Static

static

b948e1618a...03.exe

windows7-x64

b948e1618a...03.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

b948e1618adc12ed3de653f7cdf8d790137b1fd0bf929f49c5461db1905a5f03.exe

Resource

win7-20220812-en

persistence spyware stealer upx

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

b948e1618adc12ed3de653f7cdf8d790137b1fd0bf929f49c5461db1905a5f03.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

b948e1618adc12ed3de653f7cdf8d790137b1fd0bf929f49c5461db1905a5f03
Size

179KB
MD5

746016b506d69963ce7f83582f85fd85
SHA1

029b1657556e19d9a5f14230aa54a45f420920fd
SHA256

b948e1618adc12ed3de653f7cdf8d790137b1fd0bf929f49c5461db1905a5f03
SHA512

993a7bcdbb5a2fbb3af8a0f782de793f5cfc012811cd83ebe6c1fb998459568ed30cb5760c181abb9776e620dfcd8c76e3ededfc04c2abf6ce8aff070bd35708
SSDEEP

3072:+qaCzniv+YFyULHEn4DUNn6B/us0B4A9/AzeRwVJLVmZ3FkQRdYkv7G8sNp:+P/FPiy/AB4evRWJLVmZ3e6dbGl

Score

N/A

Malware Config

Signatures

Files

b948e1618adc12ed3de653f7cdf8d790137b1fd0bf929f49c5461db1905a5f03
.exe windows x86

186bf3013a0a1ece3362791867567db0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

CreatePen
CreateDCW
CreateCompatibleDC
SetStretchBltMode
DeleteDC
BitBlt
LineTo
GetObjectType
SelectObject
CreateDIBSection
StretchBlt
CreateBitmap

msimg32

AlphaBlend
TransparentBlt

kernel32

GetHandleInformation
LocalFree
TransmitCommChar
ExitProcess
EnumResourceNamesW
ExitProcess
LoadLibraryW
GetVersionExA
LocalAlloc
GetModuleFileNameA

gdiplus

GdipGetImagePixelFormat
GdipCreateBitmapFromFile
GdipGetImageHeight
GdipGetImageWidth
GdipDisposeImage

user32

RedrawWindow
FindWindowA
TrackPopupMenuEx
DestroyMenu
CreatePopupMenu
ClipCursor
GetDesktopWindow

ole32

CoUninitialize
StringFromGUID2
CoFreeUnusedLibraries
CoInitialize
CoCreateInstance

comctl32

ImageList_DragMove
ImageList_DragLeave
ImageList_DragEnter

winmm

timeGetTime

Sections

.text
Size: 136KB - Virtual size: 135KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsr
Size: 512B - Virtual size: 212KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy