1395e198f628d08b49c6ef4bf28aed9a6976b92e869aedabe63a6b45080dd1e8 | Triage

Submit
Reports

Overview

overview

8

Static

static

1395e198f6...e8.exe

windows7-x64

8

1395e198f6...e8.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

1395e198f628d08b49c6ef4bf28aed9a6976b92e869aedabe63a6b45080dd1e8.exe

Resource

win7-20220812-en

discovery persistence spyware stealer upx

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

1395e198f628d08b49c6ef4bf28aed9a6976b92e869aedabe63a6b45080dd1e8.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

1395e198f628d08b49c6ef4bf28aed9a6976b92e869aedabe63a6b45080dd1e8
Size

796KB
MD5

6b9ac44d06637afd102c3a7db58f4e3a
SHA1

73da85737cf4cc3cffdf39b8a5fa3660c0d1e5c3
SHA256

1395e198f628d08b49c6ef4bf28aed9a6976b92e869aedabe63a6b45080dd1e8
SHA512

86b0d5b96b8c4a42b7c10dd14689762c002ba4c7318ee91a85ad209d5e23a298cec48801c31b55019f75867eedd5cb3a244539044d869159348543d83bdf0f41
SSDEEP

24576:y0b/C4jE6NZz/o6oJ43FYJ01xKGOrqK5I4A:y0b/C4tJRFU0zKB6

Score

N/A

Malware Config

Signatures

Files

1395e198f628d08b49c6ef4bf28aed9a6976b92e869aedabe63a6b45080dd1e8
.exe windows x86

9031fc148a613a93f575552d017c29d9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

DeleteFileA
GetCommandLineA
RemoveDirectoryA
ResetEvent
ReadConsoleW
GetDriveTypeW
CreateMailslotA
CreateDirectoryA
SetLastError
VirtualProtect
IsBadWritePtr
CancelIo
WriteFile
GetFileAttributesA
GetModuleHandleA
ReleaseMutex
SetLocalTime
GetProcessHeap
GetLocaleInfoA
GetStdHandle
HeapSize

user32

GetWindowTextW
GetCapture
DestroyMenu
LoadCursorA
GetCaretPos
wsprintfA
DispatchMessageA
PeekMessageA
DrawIcon
SetCursor
GetWindowLongW
PostMessageA
SetFocus

els

DllRegisterServer
DllGetClassObject
DllRegisterServer
DllGetClassObject

rasapi32

DwRasUninitialize

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 692KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 789KB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imp
Size: 512B - Virtual size: 448B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy