b9445f560663887cdb316271a2f3b9a4e6ba0e8349ccd85fb8763fa42e5eed18 | Triage

Submit
Reports

Overview

overview

8

Static

static

b9445f5606...18.exe

windows7-x64

8

b9445f5606...18.exe

windows10-2004-x64

3

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

b9445f560663887cdb316271a2f3b9a4e6ba0e8349ccd85fb8763fa42e5eed18.exe

Resource

win7-20220812-en

discovery persistence spyware stealer upx

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

b9445f560663887cdb316271a2f3b9a4e6ba0e8349ccd85fb8763fa42e5eed18.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

b9445f560663887cdb316271a2f3b9a4e6ba0e8349ccd85fb8763fa42e5eed18
Size

796KB
MD5

6b5a0df4f765f92409dd0c4bd9296b41
SHA1

1de0ab940a2fff8fcacce5b16a57bb432e666235
SHA256

b9445f560663887cdb316271a2f3b9a4e6ba0e8349ccd85fb8763fa42e5eed18
SHA512

e5d9d68aebc2ae52282ee572de6913f05ad7b49fe164a7875ebe2b61032156c5494f4912218ddc7d2e696802d12a7e42a9fda18ecce9567411a6453f5af990ad
SSDEEP

12288:2tMfNjGtpfnorIXoQum/ZniEZoDsjQLobdBUXiOE5HgFuT/2/D1Cwb5s:4MfNQRor6oQHJ1QSwqhb2bB

Score

N/A

Malware Config

Signatures

Files

b9445f560663887cdb316271a2f3b9a4e6ba0e8349ccd85fb8763fa42e5eed18
.exe windows x86

cffd2fa813614667b86566d614f535b1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

ResetEvent
CreateDirectoryA
SetLastError
ReleaseMutex
GetFileAttributesA
GetProcessHeap
GetLocaleInfoA
GetModuleHandleA
GetDriveTypeW
HeapSize
CancelIo
GetStdHandle
CreateMailslotA
GetCommandLineA
ReadConsoleW
DeleteFileA
VirtualProtect
WriteFile
SetLocalTime
IsBadWritePtr
RemoveDirectoryA

user32

wsprintfA
GetWindowLongW
DispatchMessageA
SetFocus
GetCapture
SetCursor
GetCaretPos
PostMessageA
DrawIcon
DestroyMenu
GetWindowTextW
PeekMessageA
LoadCursorA

els

DllRegisterServer
DllRegisterServer
DllGetClassObject
DllGetClassObject

rasapi32

DwRasUninitialize

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 692KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 789KB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imp
Size: 512B - Virtual size: 448B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy