5bebb4b32205de59d0541c5018f6c0232dd5f6783e19be3c36f7e1670d02504f | Triage

Submit
Reports

Overview

overview

Static

static

5bebb4b322...4f.exe

windows7-x64

5bebb4b322...4f.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

5bebb4b32205de59d0541c5018f6c0232dd5f6783e19be3c36f7e1670d02504f.exe

Resource

win7-20220812-en

persistence spyware stealer upx

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

5bebb4b32205de59d0541c5018f6c0232dd5f6783e19be3c36f7e1670d02504f.exe

Resource

win10v2004-20220812-en

persistence spyware stealer upx

windows10-2004-x64

4 signatures

150 seconds

General

Target

5bebb4b32205de59d0541c5018f6c0232dd5f6783e19be3c36f7e1670d02504f
Size

175KB
MD5

5bf83a2f89b9db6f5ff1dcec30e1765e
SHA1

5f997559af7dcc0b2e1bccdbabe22821baa6675f
SHA256

5bebb4b32205de59d0541c5018f6c0232dd5f6783e19be3c36f7e1670d02504f
SHA512

bec438d52e09e7e7325ea69b7e84147624769f1becacaf891dea36751fc86cd2cc6a695cdc8690083a310b5477c781fd814e5acb69103c49084b36823b5854a0
SSDEEP

3072:Tmnyd0Y3TB2CI7RtA70Ax+lYVGl+wzYIf1ZSJqic1p/u4TPVkoMj:TmnydvV2CERaonYVG0IHSJY1p/u45k

Score

N/A

Malware Config

Signatures

Files

5bebb4b32205de59d0541c5018f6c0232dd5f6783e19be3c36f7e1670d02504f
.exe windows x86

ec4b964defb1326eaa9051f13c56d949

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

setupapi

CM_Get_Depth
CMP_WaitNoPendingInstallEvents
SetupDiGetDeviceRegistryPropertyA
CM_Get_DevNode_Status

user32

wsprintfW
GetWindowTextA
EnumWindows
IsWindowVisible
GetWindowThreadProcessId
wsprintfA

kernel32

CloseHandle
LoadLibraryW
SizeofResource
EnumResourceLanguagesA
GlobalAddAtomW
LocalFree
HeapFree
GetModuleHandleA
GetCommandLineA
SetLastError
GetProcAddress
FindFirstFileW
LockResource
GetLastError
EnumResourceNamesA
FormatMessageA
GetProcessHeap
FindResourceExA
EnumResourceTypesA
LoadResource
RaiseException
HeapAlloc
GetCurrencyFormatA
InterlockedExchange
FindNextFileW
GlobalFree
MultiByteToWideChar
GetCurrentDirectoryA
FindFirstFileA
EnumResourceNamesA
Sleep

Sections

.text
Size: 93KB - Virtual size: 484KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 78KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy