e9a4bf15ab0d8120a9414417fbf3aa818020f5a4baaf9fc8741a5e86fbc6376b | Triage

Submit
Reports

Overview

overview

8

Static

static

e9a4bf15ab...6b.exe

windows7-x64

8

e9a4bf15ab...6b.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

e9a4bf15ab0d8120a9414417fbf3aa818020f5a4baaf9fc8741a5e86fbc6376b.exe

Resource

win7-20220812-en

discovery persistence spyware stealer upx

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

e9a4bf15ab0d8120a9414417fbf3aa818020f5a4baaf9fc8741a5e86fbc6376b.exe

Resource

win10v2004-20220901-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

e9a4bf15ab0d8120a9414417fbf3aa818020f5a4baaf9fc8741a5e86fbc6376b
Size

804KB
MD5

78cd244f0553f15d63f863d59fbfbc10
SHA1

43e15faff4f84793ab3ef5457ee9f3d44f75d810
SHA256

e9a4bf15ab0d8120a9414417fbf3aa818020f5a4baaf9fc8741a5e86fbc6376b
SHA512

9be2c9476773bbd6e269934feade345e21ef9054b7161d709239bcae7c7057b423e00ade7a8748d16d2f6960651db338184fa322d6bdd981bace2e6215f2fc0d
SSDEEP

12288:zqAoTTTi5/MOYs1507E6RhTzjtvuOt3JL9hWnnoEx0b0XIFydlahYHILBb/++J46:mAo6oZ7JFzpXZExUyehbtwFk+dvI

Score

N/A

Malware Config

Signatures

Files

e9a4bf15ab0d8120a9414417fbf3aa818020f5a4baaf9fc8741a5e86fbc6376b
.exe windows x86

e15cedfc87dd6c02e6d895133123b0bf

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetDriveTypeW
CreateDirectoryA
OpenMutexW
DeleteFileW
GlobalFlags
VirtualProtectEx
DeleteFileW
GetProcessVersion
AddAtomA
IsValidLocale
HeapDestroy
GetModuleFileNameA
GetTickCount
SetFileTime
CreateFileW
GetCurrentThreadId
PulseEvent
GetVolumePathNameA
GetModuleHandleA
GetFileAttributesA
CreateFileW
InterlockedExchange
OpenEventW
LeaveCriticalSection
SetFilePointer

user32

DestroyMenu
GetWindowLongA
IsMenu
SetFocus
wsprintfA
DispatchMessageA
GetWindowTextA
SetRect
MessageBoxA
GetWindowLongA
PeekMessageA
LoadCursorA
DestroyIcon

dbnetlib

InitSession
ConnectionError
ConnectionClose
ConnectionOpen

advapi32

IsValidAcl

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 794KB - Virtual size: 2.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy