40c556275356314459efee1ffddf596d6c94171ec185da87bb36df29c27517a2 | Triage

Submit
Reports

Overview

overview

8

Static

static

40c5562753...a2.exe

windows7-x64

8

40c5562753...a2.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

40c556275356314459efee1ffddf596d6c94171ec185da87bb36df29c27517a2.exe

Resource

win7-20220812-en

discovery evasion spyware stealer trojan

windows7-x64

15 signatures

150 seconds

Behavioral task

behavioral2

Sample

40c556275356314459efee1ffddf596d6c94171ec185da87bb36df29c27517a2.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

40c556275356314459efee1ffddf596d6c94171ec185da87bb36df29c27517a2
Size

560KB
MD5

5419378b4f7acd958a3f47b9a4602ca0
SHA1

fec065aa52465c4acbc555b65ddfc21b0bd1c7c8
SHA256

40c556275356314459efee1ffddf596d6c94171ec185da87bb36df29c27517a2
SHA512

fe61dc1e08167d11fdfd43be42fa6bd9cacb363cf1db3617f2063d36a7a7702f4061049f783e466b9cb5dfc58c5bb50a19141c2ff646d31f478d2393f3835fe0
SSDEEP

12288:Q/Q1PQIbMHIdtFxCaEN5XxEwxxmzCx1a2rXE1YCGq91:Q/QEgC1PXyu8Yu

Score

N/A

Malware Config

Signatures

Files

40c556275356314459efee1ffddf596d6c94171ec185da87bb36df29c27517a2
.exe windows x86

f099ca6d7a16082569eda769a37796ee

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

gdiplus

GdipGetPropertyItem

user32

CharPrevW

gdi32

CreateCompatibleBitmap

ole32

CoTaskMemAlloc

oleaut32

VarBstrFromDate

comctl32

_TrackMouseEvent

wintrust

WintrustGetRegPolicyFlags

crypt32

CryptMsgClose

rpcrt4

UuidCreateSequential

iphlpapi

GetAdaptersInfo

Sections

.text
Size: 326KB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 37KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmp0
Size: 196KB - Virtual size: 1.3MB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy