96c40e860b4781c7eb8350798375b461ebbb664b36b34711a4edfc48db538989 | Triage

Submit
Reports

Overview

overview

Static

static

96c40e860b...89.exe

windows7-x64

96c40e860b...89.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

96c40e860b4781c7eb8350798375b461ebbb664b36b34711a4edfc48db538989.exe

Resource

win7-20220812-en

persistence spyware stealer upx

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

96c40e860b4781c7eb8350798375b461ebbb664b36b34711a4edfc48db538989.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

96c40e860b4781c7eb8350798375b461ebbb664b36b34711a4edfc48db538989
Size

192KB
MD5

030cc0e6bfb2f92f7ae9f229dddc93a0
SHA1

198a8e817f52b6a129341e9e730cc384789805ac
SHA256

96c40e860b4781c7eb8350798375b461ebbb664b36b34711a4edfc48db538989
SHA512

1ad69f17d8c92ea1da831d8fda17a66c6f71bae62d5437c3f5d744d14c3be397dfc2cf3f8a6e3a9c9b1e1b684ce8d0ac14159f10c0a051d05010511642a8e827
SSDEEP

3072:bFP6FYUcLVcEaA5iOM48sKUR8TlqVplnZBsG5At9MHd9iK9LkOZaZQU0nAeImt7:+YUcO6nM5D+VZtAsn9Q4a0Aot7

Score

N/A

Malware Config

Signatures

Files

96c40e860b4781c7eb8350798375b461ebbb664b36b34711a4edfc48db538989
.exe windows x86

ea7d9f968d8187d934e1a89fd6fbeb5c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

imm32

ImmAssociateContext

ole32

GetHGlobalFromILockBytes
CoTaskMemFree
CoInitializeSecurity
CoSetProxyBlanket
CoCreateInstance
CoUninitialize
CoInitializeEx
CoQueryProxyBlanket
StringFromGUID2

kernel32

SetStdHandle
QueryPerformanceCounter
GetEnvironmentStringsW
CreateEventW
GlobalAlloc
SetProcessAffinityMask
GetCPInfo
ReadFile
CreateFileW
GetSystemTimeAsFileTime
GetStringTypeW
TerminateThread
LCMapStringA
InterlockedIncrement
DeleteCriticalSection
FlushFileBuffers
EnumResourceTypesA
GlobalLock
Sleep
GetEnvironmentStrings
IsValidCodePage
LCMapStringW
WaitForSingleObject
WriteFile
GetOEMCP
OutputDebugStringW
InterlockedDecrement
CreateFileA
WaitNamedPipeA
WriteConsoleA
GetConsoleOutputCP
LoadLibraryA
GetStringTypeA
SetEndOfFile
WriteConsoleW
GetACP
GetLocaleInfoA
FreeEnvironmentStringsW
CreateProcessW
GetModuleFileNameW
GlobalUnlock

Sections

.text
Size: 120KB - Virtual size: 119KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tls
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 69KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 248KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy