3fba8202cb5bf37c245ba6f38b791ea85d9a41b4d8d05d0815ac7893dc86709d | Triage

Submit
Reports

Overview

overview

8

Static

static

3fba8202cb...9d.exe

windows7-x64

8

3fba8202cb...9d.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

3fba8202cb5bf37c245ba6f38b791ea85d9a41b4d8d05d0815ac7893dc86709d.exe

Resource

win7-20220901-en

discovery persistence spyware stealer upx

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

3fba8202cb5bf37c245ba6f38b791ea85d9a41b4d8d05d0815ac7893dc86709d.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

3fba8202cb5bf37c245ba6f38b791ea85d9a41b4d8d05d0815ac7893dc86709d
Size

799KB
MD5

66ade82213cc55e1b0f98fe582210f30
SHA1

f6526e4f5a13b86c08ec65a4b8266d15f76efb1c
SHA256

3fba8202cb5bf37c245ba6f38b791ea85d9a41b4d8d05d0815ac7893dc86709d
SHA512

5a943304c6b4d730b4469073afe4f68b3183d3f1a35bf0471abda8b0a26005b44e8c738aa2dc5348f92434d3620b67fe43561068a813ea2a09ff2f6bccf9ba39
SSDEEP

12288:YaWVSDfGxQxxUwYou5MY8EmScrBTTKiF8w+lnOgd2sAgtS1DmHwCniZwsuZZA4th:YgeCD+H8EmLTjKw+JOsAggD2nZAc

Score

N/A

Malware Config

Signatures

Files

3fba8202cb5bf37c245ba6f38b791ea85d9a41b4d8d05d0815ac7893dc86709d
.exe windows x86

5091e003e09b8bb63421486a1b57b816

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

DeleteFileA
WriteFile
GetStdHandle
HeapSize
ResumeThread
GlobalSize
ReadConsoleW
GetModuleHandleA
GetCommandLineA
VirtualProtect
SetLocalTime
GetFileAttributesA
GetDriveTypeA
SuspendThread
ResumeThread
CreatePipe
CreateDirectoryA
GetLocaleInfoA
GetProcessHeap
GetPriorityClass
IsBadReadPtr

user32

GetWindowLongA
SetCursor
PeekMessageA
DispatchMessageA
LoadCursorA
DestroyMenu
SetRect
GetWindowLongA
wsprintfA
DrawIcon
GetWindowTextW
DestroyIcon
GetMessageA

els

DllGetClassObject
DllUnregisterServer
DllUnregisterServer
DllRegisterServer

rasapi32

DwCloneEntry

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 692KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 793KB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy