0409fb9e1f7c29e2e4be26c4bd959a855e302858332587c6a35e4dec52b69d17 | Triage

Submit
Reports

Overview

overview

8

Static

static

0409fb9e1f...17.exe

windows7-x64

8

0409fb9e1f...17.exe

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

0409fb9e1f7c29e2e4be26c4bd959a855e302858332587c6a35e4dec52b69d17.exe

Resource

win7-20220812-en

discovery persistence spyware stealer upx

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

0409fb9e1f7c29e2e4be26c4bd959a855e302858332587c6a35e4dec52b69d17.exe

Resource

win10v2004-20220901-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

0409fb9e1f7c29e2e4be26c4bd959a855e302858332587c6a35e4dec52b69d17
Size

837KB
MD5

48d9b3b44435df7b099097105b6e6160
SHA1

e1be302df9b12aab3e3b37e57ac1faabcae8ed30
SHA256

0409fb9e1f7c29e2e4be26c4bd959a855e302858332587c6a35e4dec52b69d17
SHA512

0d92c7a40f18ea932cdae24e8d3057a87bf893372abc906f342188396a0cee53601eb9d2dcf406e60a24b8d0fe9c240a932719a132d8373a39a539f192c0dc90
SSDEEP

12288:ZP0GOEexjxnCmMATz/pSTTRUDhT0JJi4zOOqIcIkcPH6WCjW4ckZlTcRmNbwUl:ZP149R/kTRUDhT66j3IrCjpWRmNkU

Score

N/A

Malware Config

Signatures

Files

0409fb9e1f7c29e2e4be26c4bd959a855e302858332587c6a35e4dec52b69d17
.exe windows x86

0bfcce49768fd313d7ab18b0300f0ab8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

lstrlenW
GetTickCount
CreateMutexW
HeapCreate
SetEnvironmentVariableA
LoadLibraryA
GetStringTypeA
lstrcatW
WriteConsoleW
GetCurrentProcess
CreateEventA
SetStdHandle
HeapFree
GetVolumeInformationW
OpenEventW
GetShortPathNameW
GetDiskFreeSpaceW
GetVolumePathNameA
GetPrivateProfileIntW

netshell

HrRenameConnection
HrCreateDesktopIcon
NcFreeNetconProperties
HrLaunchConnection

Sections

.code
Size: 23KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.pdata
Size: 3KB - Virtual size: 2.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_WRITE

.ndata
Size: 802KB - Virtual size: 802KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: 6KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy