6e04d96f93971886540e0dc52f41e7abba952f4c33fd6728cca91a9ca6770a5f | Triage

Submit
Reports

Overview

overview

8

Static

static

6e04d96f93...5f.exe

windows7-x64

8

6e04d96f93...5f.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

6e04d96f93971886540e0dc52f41e7abba952f4c33fd6728cca91a9ca6770a5f.exe

Resource

win7-20220812-en

persistence spyware stealer upx

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

6e04d96f93971886540e0dc52f41e7abba952f4c33fd6728cca91a9ca6770a5f.exe

Resource

win10v2004-20220812-en

persistence spyware stealer upx

windows10-2004-x64

4 signatures

150 seconds

General

Target

6e04d96f93971886540e0dc52f41e7abba952f4c33fd6728cca91a9ca6770a5f
Size

187KB
MD5

63ec9d5ec9301b5e9102d719154133f4
SHA1

752d7cef63f644411051c2d9364e7719c1edd7b7
SHA256

6e04d96f93971886540e0dc52f41e7abba952f4c33fd6728cca91a9ca6770a5f
SHA512

bdddf553ce58a9b667f9cff1ebd268bb83e21b4ce8b2823615171ca1cc7fa2f89bda388c5bbc190fcf7c4d559947746eaecccdaafb1081ffa68a3aa8c8f0a0ab
SSDEEP

3072:k35JUwZ5VzZwdPANvoXIJ0ohIT+UbRs/Zy23iQ+D8XjhwtWA9pxOz:kJ+wtZwd4e42qIrRK8Ehwt193

Score

N/A

Malware Config

Signatures

Files

6e04d96f93971886540e0dc52f41e7abba952f4c33fd6728cca91a9ca6770a5f
.exe windows x86

7726f017a3970f19e6913a556bc4cc2d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileAttributesA
QueryMemoryResourceNotification
CreateEventA
LoadLibraryA
IsDBCSLeadByte
CreateThread
GetCurrentProcess
lstrcpynA
GetModuleFileNameA
CompareStringW
LoadResource
InterlockedDecrement
LocalFree
FormatMessageA
OpenProcess
CompareStringA
EnumResourceTypesW
DeleteCriticalSection
lstrcatA
InterlockedIncrement
SetEvent
CloseHandle
HeapAlloc
InitializeCriticalSection
EnterCriticalSection
WaitForSingleObject
lstrcmpiA
GetCurrentThreadId
GetVersion
GetComputerNameA
SizeofResource
GetPrivateProfileSectionNamesA
lstrcpyA
FindResourceA
GetCurrentThread
lstrlenA
TerminateThread
GetModuleHandleA
LeaveCriticalSection
lstrlenW
RaiseException

winmm

timeGetTime
timeSetEvent

oleacc

CreateStdAccessibleObject

ole32

OleTranslateAccelerator
CoTaskMemFree
CoTaskMemAlloc
CoCreateInstance
CoTaskMemRealloc

Sections

.text
Size: 119KB - Virtual size: 119KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tls
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy