4051bfcd6b6cbabce5aebeb56699cd8eeca723c3ac2700d82ddd707cacf3ac28 | Triage

Submit
Reports

Overview

overview

8

Static

static

4051bfcd6b...28.exe

windows7-x64

8

4051bfcd6b...28.exe

windows10-2004-x64

3

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

4051bfcd6b6cbabce5aebeb56699cd8eeca723c3ac2700d82ddd707cacf3ac28.exe

Resource

win7-20220901-en

discovery persistence spyware stealer upx

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

4051bfcd6b6cbabce5aebeb56699cd8eeca723c3ac2700d82ddd707cacf3ac28.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

4051bfcd6b6cbabce5aebeb56699cd8eeca723c3ac2700d82ddd707cacf3ac28
Size

803KB
MD5

6ee8af797c704934727e5652ed1f3610
SHA1

94a27bd886d72f334c1f184d822395a3c14d3ace
SHA256

4051bfcd6b6cbabce5aebeb56699cd8eeca723c3ac2700d82ddd707cacf3ac28
SHA512

5bacac4d0d1ad2207989915fc098213274a061fe33fa7657258859521fb0468256ee0a274b73347c70508674a46992a06bfd4781770ab36c4b00a1b5fd4316a5
SSDEEP

12288:jFN0vIo2LAWvFVxyqVRevfk/1iexpYx2GAkTGOklC2D5YtkpcnoA5a0M3RUw:X08AWdV8qVR+fqYwGAkTGxEScoND

Score

N/A

Malware Config

Signatures

Files

4051bfcd6b6cbabce5aebeb56699cd8eeca723c3ac2700d82ddd707cacf3ac28
.exe windows x86

cb2ac07fce036616f7ddd6e15bc61036

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetFilePointer
FindAtomW
CreateFileW
GlobalFlags
OpenMutexA
InterlockedExchange
LeaveCriticalSection
GetDriveTypeW
CreateDirectoryA
GetModuleFileNameA
GetModuleHandleA
PulseEvent
GetTickCount
VirtualProtectEx
OpenEventW
GetConsoleMode
GetCurrentThreadId
GetFileAttributesA
DeleteFileW
SetFileTime
DeleteFileW
GetVolumePathNameA
CreateFileW
HeapDestroy
GetProcessVersion

user32

LoadCursorA
PeekMessageA
DispatchMessageA
SetFocus
DestroyIcon
IsMenu
GetWindowLongA
MessageBoxA
SetRect
GetWindowTextA
DestroyMenu
wsprintfA
GetWindowLongA

dot3msm

Dot3MsmFreeProfile
DllMain
Dot3MsmDeInit
Dot3MsmDisconnect

advapi32

IsValidAcl

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 793KB - Virtual size: 2.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy