5e91044e7e41f2d56b05553a6a19448a1857e7616821cc2e1f8495aedf5dd53d | Triage

Submit
Reports

Overview

overview

Static

static

5e91044e7e...3d.exe

windows7-x64

5e91044e7e...3d.exe

windows10-2004-x64

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

5e91044e7e41f2d56b05553a6a19448a1857e7616821cc2e1f8495aedf5dd53d.exe

Resource

win7-20220901-en

cybergate vítima persistence stealer trojan upx

windows7-x64

16 signatures

150 seconds

Behavioral task

behavioral2

Sample

5e91044e7e41f2d56b05553a6a19448a1857e7616821cc2e1f8495aedf5dd53d.exe

Resource

win10v2004-20220901-en

cybergate vítima persistence stealer trojan upx

windows10-2004-x64

18 signatures

150 seconds

General

Target

5e91044e7e41f2d56b05553a6a19448a1857e7616821cc2e1f8495aedf5dd53d
Size

831KB
MD5

68d9978a180ea288d0404f1e04b64588
SHA1

3973c24be6f0851cbfd6fffd083ca1ee6feaccb2
SHA256

5e91044e7e41f2d56b05553a6a19448a1857e7616821cc2e1f8495aedf5dd53d
SHA512

f0fb05efd155a35a30ef28ddcebce8958db3982b5a5e76bbe4383d9323c8b6a98e3c8a43bce970a3e27e2bbcd33b98cce049edc1eea52d76a24a90a4d5cd646c
SSDEEP

12288:JSUbDlCJzdQpcDVG8R87zclHyfrQpwyW/PDJmmmKJ/WPdmEOdilIjUubKmFhekBx:Q++zSpn8RKFrJ3ZJ9IIgcfX/

Score

N/A

Malware Config

Signatures

Files

5e91044e7e41f2d56b05553a6a19448a1857e7616821cc2e1f8495aedf5dd53d
.exe windows x86

f075df103f478ce035e5da43fda92dbb

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
VirtualProtect
GetProcAddress
HeapCreate
HeapDestroy
HeapFree
HeapAlloc
RtlUnwind
ExitProcess
CloseHandle
LoadLibraryA
LCMapStringA
GetCurrentProcess
CreateFileA

user32

CloseWindow
wsprintfA
CharLowerBuffA
SetWindowLongA
CreateWindowExA

advapi32

RegEnumKeyA
RegDeleteValueA
RegCloseKey
RegSetValueA
RegEnumValueA
RegCreateKeyA
RegOpenKeyA
RegDeleteKeyA
RegQueryValueA

Sections

.text
Size: 512KB - Virtual size: 516KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 180KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy