b7e7b53dfbbb1fb3981f09411c12a89106542467a6e81fb37d9c890d30706f24 | Triage

Submit
Reports

Overview

overview

8

Static

static

b7e7b53dfb...24.exe

windows7-x64

8

b7e7b53dfb...24.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

b7e7b53dfbbb1fb3981f09411c12a89106542467a6e81fb37d9c890d30706f24.exe

Resource

win7-20220812-en

discovery persistence spyware stealer upx

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

b7e7b53dfbbb1fb3981f09411c12a89106542467a6e81fb37d9c890d30706f24.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

b7e7b53dfbbb1fb3981f09411c12a89106542467a6e81fb37d9c890d30706f24
Size

804KB
MD5

71b1157fc3da47c215f7c85f8fdc71f0
SHA1

5055f9acfe056c55b5cf8295734980d5bf560498
SHA256

b7e7b53dfbbb1fb3981f09411c12a89106542467a6e81fb37d9c890d30706f24
SHA512

b2d450b8ce549c5b43b84381917084280517a13f3bec58a4dda56d70b25e92cb061f372b6b1630d341c65b0e1b69518ebd79a4d4b03cc23944a26552da0339e6
SSDEEP

12288:DqenyOOoq6vFFVT6nZ9iTFviM79aR4hN+PjYEKHS0tmSCxZ02Rof3+94:9yOOoFD1K9qaAgR4KKtd0Z0sW+

Score

N/A

Malware Config

Signatures

Files

b7e7b53dfbbb1fb3981f09411c12a89106542467a6e81fb37d9c890d30706f24
.exe windows x86

3cd9a94c620b138155f906596d15140b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetVolumePathNameA
SetFilePointer
DeleteFileW
AddAtomA
CreateFileW
InterlockedExchange
GetModuleFileNameA
IsValidLocale
GetFileAttributesA
GetDriveTypeW
GetTickCount
OpenMutexW
GetProcessVersion
OpenEventW
CreateDirectoryA
CreateFileW
GetCurrentThreadId
DeleteFileW
PulseEvent
SetFileTime
HeapDestroy
GlobalFlags
VirtualProtectEx
LeaveCriticalSection
GetModuleHandleA

user32

SetFocus
DestroyIcon
SetRect
wsprintfA
IsMenu
GetWindowTextA
LoadCursorA
MessageBoxA
DestroyMenu
GetWindowLongA
DispatchMessageA
PeekMessageA
GetWindowLongA

dbnetlib

ConnectionOpen
InitSession
ConnectionError
ConnectionClose

advapi32

IsValidAcl

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 794KB - Virtual size: 2.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy