a283b5e6a03747ed426e73b1646c93b37ab10c959aee39d8f029f4876959e6d0 | Triage

Submit
Reports

Overview

overview

8

Static

static

a283b5e6a0...d0.exe

windows7-x64

8

a283b5e6a0...d0.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

a283b5e6a03747ed426e73b1646c93b37ab10c959aee39d8f029f4876959e6d0.exe

Resource

win7-20220812-en

discovery persistence spyware stealer upx

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

a283b5e6a03747ed426e73b1646c93b37ab10c959aee39d8f029f4876959e6d0.exe

Resource

win10v2004-20220901-en

windows10-2004-x64

2 signatures

150 seconds

General

Target

a283b5e6a03747ed426e73b1646c93b37ab10c959aee39d8f029f4876959e6d0
Size

809KB
MD5

3394a5c88d298332d95164aa6b7c45e0
SHA1

e6060e7815d5e68484063e600b34d4ad05f4b456
SHA256

a283b5e6a03747ed426e73b1646c93b37ab10c959aee39d8f029f4876959e6d0
SHA512

795339676ae85ec7d38b4d6e6ce5685a9c4e2860bfae78b59ab6b3175cd626e6cfac4d23e4ac5cf73ff3e11012bb709ecd25e95910a617ffba446f618266ded0
SSDEEP

24576:v5IpsEz3Z9zctv63tVInd6SqSGo5Wn5U6xU:v+J9zctvW2kS5V2U6xU

Score

N/A

Malware Config

Signatures

Files

a283b5e6a03747ed426e73b1646c93b37ab10c959aee39d8f029f4876959e6d0
.exe windows x86

6e7d7fc48e200b9ee68635dc5f5ba3f6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineA
GetFileSize
EnterCriticalSection
GetModuleFileNameA
GetEnvironmentStringsW
GetModuleHandleA
GetStartupInfoA
VirtualProtect
CloseHandle
Sleep
lstrlenW
DeleteFileA
GetConsoleTitleA
GetConsoleTitleA
CreateDirectoryA
CreateFileA
TlsGetValue
GetTickCount
GlobalFree
CreateDirectoryA
WriteConsoleW
CancelIo
ReadFile
RemoveDirectoryA
CancelIo

user32

GetClassInfoA
GetWindowLongA
GetSysColor
IsWindowEnabled
DispatchMessageA
wsprintfA
MessageBoxA
DestroyMenu
IsWindow
GetWindowLongA
PeekMessageA
CreateIcon
IsWindowVisible

cmutil

??_FCIniW@@QAEXXZ
??_FCIniA@@QAEXXZ
??1CIniW@@QAE@XZ
??1CIniA@@QAE@XZ

advapi32

RegCloseKey

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 800KB - Virtual size: 2.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy