78a0059540afcfcf2d048e88cfeb287d33e61ccf3ec8d81565566bb88cf63e8b | Triage

Submit
Reports

Overview

overview

8

Static

static

78a0059540...8b.exe

windows7-x64

8

78a0059540...8b.exe

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

78a0059540afcfcf2d048e88cfeb287d33e61ccf3ec8d81565566bb88cf63e8b.exe

Resource

win7-20220812-en

discovery persistence spyware stealer upx

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

78a0059540afcfcf2d048e88cfeb287d33e61ccf3ec8d81565566bb88cf63e8b.exe

Resource

win10v2004-20220901-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

78a0059540afcfcf2d048e88cfeb287d33e61ccf3ec8d81565566bb88cf63e8b
Size

775KB
MD5

67eb61e698bb0af969d60935154b5e50
SHA1

cffef75d4da5aa2811f55c3684cf487802e0ab6c
SHA256

78a0059540afcfcf2d048e88cfeb287d33e61ccf3ec8d81565566bb88cf63e8b
SHA512

a75937b5be8f7f2e2bb5a72d6995a724df999408c6cc0e513f808882216c292c466222a95271ad5c6002ad5d30b41ed95b3aa78f9256fa7e9e739a234f256fdf
SSDEEP

12288:UE3IBUCLpGceb1NnBDJUwPGOyzsQ0Aqis2N+2Qbngq/J/klGNVdi8mT47V+66Fsw:cBUCds5eOyAQ0D99/aPXT4p/6FsAB

Score

N/A

Malware Config

Signatures

Files

78a0059540afcfcf2d048e88cfeb287d33e61ccf3ec8d81565566bb88cf63e8b
.exe windows x86

1fcadce3ca72b72dbb3cb6cce4e3af7f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

ClearCommBreak
GetModuleHandleA
GetLastError
WriteConsoleW
GetFileAttributesA
CreatePipe
GetStdHandle
GetStartupInfoA
CopyFileW
WriteConsoleW
SetEvent
IsDebuggerPresent
HeapCreate
DisconnectNamedPipe
SuspendThread
CloseHandle
lstrlenW
lstrcpyW
GetPriorityClass
GetCurrentDirectoryA
WriteConsoleW

msftedit

RichListBoxWndProc
RichComboBoxWndProc
RichEditWndProc
SetCustomTextOutHandlerEx

shell32

DllUnregisterServer
DragFinish
ShellMessageBoxA
ShellAboutA
DragQueryFileA
ExtractIconA
SHGetSettings
DragAcceptFiles
DuplicateIcon
SHFree
StrChrA
SHGetMalloc
SHGetDiskFreeSpaceA

msasn1

ASN1BERDecBool

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 752B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 766KB - Virtual size: 2.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.orpc
Size: 512B - Virtual size: 132B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy