ee48b76b3eebf5ae62d44ac9e70cf99691937e5043407a6611d614b130257f8f | Triage

Submit
Reports

Overview

overview

8

Static

static

ee48b76b3e...8f.exe

windows7-x64

8

ee48b76b3e...8f.exe

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

ee48b76b3eebf5ae62d44ac9e70cf99691937e5043407a6611d614b130257f8f.exe

Resource

win7-20220812-en

discovery persistence spyware stealer upx

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

ee48b76b3eebf5ae62d44ac9e70cf99691937e5043407a6611d614b130257f8f.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

ee48b76b3eebf5ae62d44ac9e70cf99691937e5043407a6611d614b130257f8f
Size

803KB
MD5

78de509890664a8ac90dad6b3df547f0
SHA1

87d0d94f42ba7078ffb1d1865acd65b4b03c0c7f
SHA256

ee48b76b3eebf5ae62d44ac9e70cf99691937e5043407a6611d614b130257f8f
SHA512

372f80aa408d69d20e8e008e0dd3569f492c032b327dedc26c61ac45acfab6ffe017adcc81c5e83827ddedd8005a0a11a66b5e18dbdc9d9706c79a8659bca4b2
SSDEEP

12288:yOW+knJcmjOjcGM95kHCItidNftom+6Is8z/ecA60pw04CjI/FUcaqIKp:/kTOjDM95HItiPFtIPz/FF+ItJ

Score

N/A

Malware Config

Signatures

Files

ee48b76b3eebf5ae62d44ac9e70cf99691937e5043407a6611d614b130257f8f
.exe windows x86

3c21596c6070cc98dd2fd70c3a11dcc8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

OpenMutexA
GetDriveTypeW
IsValidLocale
DeleteFileW
CreateDirectoryA
GetProcessVersion
FindAtomW
GetFileAttributesA
CreateFileW
LeaveCriticalSection
GetVolumePathNameA
InterlockedExchange
SetFileTime
PulseEvent
GetCurrentThreadId
SetFilePointer
DeleteFileW
HeapDestroy
GlobalFlags
VirtualProtectEx
GetTickCount
OpenEventW
CreateFileW
GetModuleFileNameA
GetModuleHandleA

user32

DestroyMenu
DispatchMessageA
PeekMessageA
LoadCursorA
DestroyIcon
SetRect
SetFocus
wsprintfA
IsMenu
GetWindowLongA
GetWindowLongA
GetWindowTextA
MessageBoxA

dpnhpast

DllCanUnloadNow
DllRegisterServer
DllUnregisterServer
DllGetClassObject

advapi32

IsValidAcl

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 793KB - Virtual size: 2.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy