2e5d986413c972597c84b2b8889a3b9dbd1c4e81afb6d0a90004a25ab4c374f3 | Triage

Submit
Reports

Overview

overview

Static

static

2e5d986413...f3.exe

windows7-x64

2e5d986413...f3.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

2e5d986413c972597c84b2b8889a3b9dbd1c4e81afb6d0a90004a25ab4c374f3.exe

Resource

win7-20220812-en

persistence spyware stealer upx

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

2e5d986413c972597c84b2b8889a3b9dbd1c4e81afb6d0a90004a25ab4c374f3.exe

Resource

win10v2004-20220901-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

2e5d986413c972597c84b2b8889a3b9dbd1c4e81afb6d0a90004a25ab4c374f3
Size

192KB
MD5

672f2041b83c596f37f97315830eb34d
SHA1

29550e3906063a9ca8d444c202025de4953d7fad
SHA256

2e5d986413c972597c84b2b8889a3b9dbd1c4e81afb6d0a90004a25ab4c374f3
SHA512

a60d7b6b28261b0aea82e65ad88841b7e7976fc15e896f96a26f3866cf3bcbae743a7d9f5db1e49410a33c553659adcfc7bccee0c91d09edf5f6308dbf376f5f
SSDEEP

3072:l00I/0maej2yDUQwSt9uCYRpjQSvfuGoyfE/jXMcKRXEQo+3txpYwcvDhCgHqeog:ZIMTej2yVwSt9uZRpjQSvfuGCL8cKuQK

Score

N/A

Malware Config

Signatures

Files

2e5d986413c972597c84b2b8889a3b9dbd1c4e81afb6d0a90004a25ab4c374f3
.exe windows x86

4e4ea8299e49a9308c0a2944ae969f93

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FlushFileBuffers
CreateFileA
CreateEventW
GetEnvironmentStringsW
LoadLibraryA
GetModuleFileNameW
SetProcessAffinityMask
GetACP
TerminateThread
ReadFile
GetStringTypeW
OutputDebugStringW
GetLocaleInfoA
CreateProcessW
GetStringTypeA
GetConsoleOutputCP
Sleep
GlobalLock
GetOEMCP
InterlockedDecrement
WaitForSingleObject
LCMapStringW
EnumResourceTypesA
FreeEnvironmentStringsW
SetStdHandle
WriteConsoleW
WriteConsoleA
GetSystemTimeAsFileTime
WriteFile
DeleteCriticalSection
QueryPerformanceCounter
CreateHardLinkA
LCMapStringA
IsValidCodePage
InterlockedIncrement
GetEnvironmentStrings
SetEndOfFile
CreateFileW
GetCPInfo
GlobalAlloc
GlobalUnlock

imm32

ImmAssociateContext

ole32

GetHGlobalFromILockBytes
CoInitializeSecurity
CoQueryProxyBlanket
CoTaskMemFree
CoUninitialize
CoCreateInstance
CoInitializeEx
CoSetProxyBlanket
StringFromGUID2

Sections

.text
Size: 117KB - Virtual size: 117KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tls
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 71KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 248KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy