ffe6a638f9cec657fff843af579043575de2cf97b1159fa0b9a1d54a6c40df0e | Triage

Submit
Reports

Overview

overview

8

Static

static

ffe6a638f9...0e.exe

windows7-x64

8

ffe6a638f9...0e.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

ffe6a638f9cec657fff843af579043575de2cf97b1159fa0b9a1d54a6c40df0e.exe

Resource

win7-20220901-en

persistence spyware stealer upx

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral2

Sample

ffe6a638f9cec657fff843af579043575de2cf97b1159fa0b9a1d54a6c40df0e.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

ffe6a638f9cec657fff843af579043575de2cf97b1159fa0b9a1d54a6c40df0e
Size

637KB
MD5

6f20bfa2b5b690049153e5520269555b
SHA1

58b03119aee34ab4f98ea91cd9e9d849bb1683f5
SHA256

ffe6a638f9cec657fff843af579043575de2cf97b1159fa0b9a1d54a6c40df0e
SHA512

3766f2ae106b2c07ec5701abe0d32ede81a997f242f935fbf55ca9d59952e88bdeafeba7ca845639149823397ac095abef52f2a2a575a24c8791098e8ddac54d
SSDEEP

12288:4EWMadSLnNiPUJLHb5h+jqfi8ayQu2NjE8UIZd/AOz7pqN5I0kHUQSA:TXLnEMJjqWq8MNgBIrhc5GZSA

Score

N/A

Malware Config

Signatures

Files

ffe6a638f9cec657fff843af579043575de2cf97b1159fa0b9a1d54a6c40df0e
.exe windows x86

a3f443859bba26bc926d95de932c7202

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVersion
GetConsoleCP
CompareFileTime
InterlockedExchange
TlsGetValue
HeapReAlloc
FindAtomA
VirtualProtect
lstrlenA
GetStdHandle
TlsFree
GetModuleHandleA
WaitForSingleObject
GetACP
GetTickCount
HeapWalk
GetProfileIntA
LoadLibraryA
GlobalUnlock
GetAtomNameA
CloseHandle

user32

GetMenu
ShowWindow
GetScrollRange
InsertMenuA
EnableScrollBar
SubtractRect
SetWindowPos
PostQuitMessage
PaintDesktop
GetDlgItem
GetKeyboardLayout
CreateCaret
CopyRect
GetWindowTextA
SetPropA
TranslateMessage
ModifyMenuA
GetMenuStringA
PostMessageA
DestroyMenu
UpdateWindow
DispatchMessageA
InflateRect
MessageBoxA
EqualRect
DialogBoxParamA
LoadIconA

msi

MsiEnumClientsA
MsiCloseHandle
MsiGetMode
MsiEnumProductsA
MsiDoActionA

ws2_32

WSAAccept

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy