1b82f27b3a40eb3615e2f031e727b9260776cb1190afca715f3f5489de88f171 | Triage

Submit
Reports

Overview

overview

8

Static

static

1b82f27b3a...71.exe

windows7-x64

8

1b82f27b3a...71.exe

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

1b82f27b3a40eb3615e2f031e727b9260776cb1190afca715f3f5489de88f171.exe

Resource

win7-20220812-en

discovery persistence spyware stealer upx

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

1b82f27b3a40eb3615e2f031e727b9260776cb1190afca715f3f5489de88f171.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

1b82f27b3a40eb3615e2f031e727b9260776cb1190afca715f3f5489de88f171
Size

805KB
MD5

053d741fa628531f2962832099e6f5b1
SHA1

fe97602b53bd90297df5b77ea30ffd851a809000
SHA256

1b82f27b3a40eb3615e2f031e727b9260776cb1190afca715f3f5489de88f171
SHA512

7b1c41c7a1cf536508470c2eda9892818079be712b85b7fde7072967fc172a9ff128e97f1c5bccd95b6b07c1777f641760fa76a168e8a9b6bbed1da61b291201
SSDEEP

12288:7a6E6AX4u3FKcI4cHjBnCHW3vCcm7bwdNFzCCILWC1hFVwA15Bgg0:gX4uFr8kHW/jUcdNFzaSCjFVw65Bl

Score

N/A

Malware Config

Signatures

Files

1b82f27b3a40eb3615e2f031e727b9260776cb1190afca715f3f5489de88f171
.exe windows x86

75a9161359cc278a321af94bb2e620c8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

CreateDirectoryA
lstrlenA
OpenEventW
CreateFileW
SetEvent
VirtualProtectEx
GetModuleHandleA
GetVolumePathNameW
PulseEvent
GetModuleFileNameA
AddAtomA
GetFileAttributesW
DeleteFileW
DeleteFileW
LeaveCriticalSection
CreateFileW
GlobalFlags
GetCurrentThreadId
SetFilePointer
GetTickCount
IsValidLocale
SetFileTime
InterlockedExchange
OpenMutexW
HeapDestroy

user32

IsMenu
SetFocus
DestroyMenu
wsprintfA
DestroyIcon
GetWindowTextA
DispatchMessageA
GetWindowLongA
SetRect
GetWindowLongA
LoadCursorA
MessageBoxA
PeekMessageA

dmdskmgr

DllRegisterServer
DllCanUnloadNow
DllGetClassObject
?namecmp@@YGHPBG0@Z

advapi32

IsValidAcl

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 795KB - Virtual size: 2.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy