2aaf722d12a038f1c6213852ce901cefbcdc1f4e9ace42ac0ab800e1fd8e0719 | Triage

Submit
Reports

Overview

overview

8

Static

static

2aaf722d12...19.exe

windows7-x64

8

2aaf722d12...19.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

2aaf722d12a038f1c6213852ce901cefbcdc1f4e9ace42ac0ab800e1fd8e0719.exe

Resource

win7-20220812-en

discovery persistence spyware stealer upx

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

2aaf722d12a038f1c6213852ce901cefbcdc1f4e9ace42ac0ab800e1fd8e0719.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

2aaf722d12a038f1c6213852ce901cefbcdc1f4e9ace42ac0ab800e1fd8e0719
Size

800KB
MD5

403c25d82e920796396ed921b7fe12e0
SHA1

e72a91e4e16072b98d381cda355526956ccf5d43
SHA256

2aaf722d12a038f1c6213852ce901cefbcdc1f4e9ace42ac0ab800e1fd8e0719
SHA512

ee6aa6752c2bbfab112556c185cd6fb44fc9f6bb165179e535a347b85912dcc56e9a294466378107b425aab9654cea82f928bd7e405e7aa1756dd23f49f2699c
SSDEEP

12288:K0ekz7x9pSlBTzVmvObZKhsJjihkPgFatGsRSuPH4g2/oAhisVpPtlE7ECUQM8S:K0rz7AlBmOoquF2Scd2/6ypPrE7xM8

Score

N/A

Malware Config

Signatures

Files

2aaf722d12a038f1c6213852ce901cefbcdc1f4e9ace42ac0ab800e1fd8e0719
.exe windows x86

071f7a465f8cdf874b38cd13838ecce0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetPriorityClass
GetModuleHandleA
HeapSize
SuspendThread
ReadConsoleW
GetStdHandle
GetLocaleInfoA
ResumeThread
GlobalSize
GetDriveTypeA
WriteFile
GetCommandLineA
GetProcessHeap
SetLocalTime
IsBadReadPtr
GetFileAttributesW
CreateDirectoryA
CreatePipe
VirtualProtect
DeleteFileA
ResumeThread

user32

DestroyMenu
GetWindowTextW
SetRect
GetWindowLongA
SetCursor
wsprintfA
GetMessageA
DispatchMessageA
PeekMessageA
DrawIcon
GetWindowLongA
DestroyIcon
LoadCursorA

els

DllUnregisterServer
DllUnregisterServer
DllGetClassObject
DllRegisterServer

rasapi32

DwCloneEntry

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 692KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 794KB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy