6bc5216211de169daa82030496e34b658ad2c34ec47be68b55de9730cb69ba2a | Triage

Submit
Reports

Overview

overview

8

Static

static

6bc5216211...2a.exe

windows7-x64

8

6bc5216211...2a.exe

windows10-2004-x64

1

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

6bc5216211de169daa82030496e34b658ad2c34ec47be68b55de9730cb69ba2a.exe

Resource

win7-20220812-en

discovery persistence spyware stealer upx

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

6bc5216211de169daa82030496e34b658ad2c34ec47be68b55de9730cb69ba2a.exe

Resource

win10v2004-20220901-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

6bc5216211de169daa82030496e34b658ad2c34ec47be68b55de9730cb69ba2a
Size

773KB
MD5

2bc00885fb83c0133de0840a508271c0
SHA1

3129ee6845666227edd063a7baef1330f4025701
SHA256

6bc5216211de169daa82030496e34b658ad2c34ec47be68b55de9730cb69ba2a
SHA512

f390df3c991b1c3df21701a3f854e699935f8fe516a0712527110b31f5c16668033e87455368c448a73f2b517fdc2b2b15e9a1af0172e45a1defe21aeff1ad01
SSDEEP

12288:r6tahosp6l1L6TXuSEXAcCVKxF51Bn1yOMjDHXKUA7biyL8bj5EoQy9K1s3qaNT5:r6twosKjSfZVS5jQ6UKAHZ9K1WqaNi

Score

N/A

Malware Config

Signatures

Files

6bc5216211de169daa82030496e34b658ad2c34ec47be68b55de9730cb69ba2a
.exe windows x86

192acf5a401719b03fc96cc84adbe1fe

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

VirtualProtect
WriteConsoleW
GetFileAttributesW
CreatePipe
GetStdHandle
lstrlenW
GetPriorityClass
DisconnectNamedPipe
SetEvent
WriteConsoleW
ResumeThread
WriteConsoleW
GetCommandLineA
HeapDestroy
VirtualQueryEx
GetStartupInfoA
CopyFileA
DeleteFileA
lstrcpyA
GetModuleHandleA
GetProcessHeap

mmcndmgr

DllGetClassObject
DllRegisterServer
DllRegisterServer
DllCanUnloadNow

cryptui

CryptUIWizExport
CryptUIWizDigitalSign
CryptUIWizBuildCTL
WizardFree
DllRegisterServer
LocalEnrollNoDS
DllUnregisterServer
CryptUIDlgViewContext
LocalEnroll
LocalEnroll
WizardFree
CryptUIStartCertMgr
CryptUIWizImport

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 280B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 765KB - Virtual size: 2.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.impdata
Size: 1024B - Virtual size: 769B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy