91dabb8b8ff0ab4230a77d03d4ff710b8b740bc75d1110207bb5a58397fc154b | Triage

Submit
Reports

Overview

overview

7

Static

static

91dabb8b8f...4b.exe

windows7-x64

7

91dabb8b8f...4b.exe

windows10-2004-x64

7

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

91dabb8b8ff0ab4230a77d03d4ff710b8b740bc75d1110207bb5a58397fc154b.exe

Resource

win7-20220812-en

spyware stealer

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral2

Sample

91dabb8b8ff0ab4230a77d03d4ff710b8b740bc75d1110207bb5a58397fc154b.exe

Resource

win10v2004-20220812-en

spyware stealer

windows10-2004-x64

2 signatures

150 seconds

General

Target

91dabb8b8ff0ab4230a77d03d4ff710b8b740bc75d1110207bb5a58397fc154b
Size

18KB
MD5

6f02ef5b373593e5d17fa4e868d8c4f0
SHA1

7f33f0ccd5ca8142cdf288e84029714f867d231f
SHA256

91dabb8b8ff0ab4230a77d03d4ff710b8b740bc75d1110207bb5a58397fc154b
SHA512

3f0d7b5400d3838aa592294ae994d1a5da9b8feb404834ffcb04b5c427af1c6aa2f3a7eb71711e297da18091a723684352eb2b7304fc000f653776242e15b0fe
SSDEEP

192:qkvC07xAAP1k4fMQSaj9yQlnMEkHuln/tdQLw3PrnLD+5C42cN24iqjeaNE:qkvJ7xAAP1k42aByQOlHqhnLoCGw2E

Score

N/A

Malware Config

Signatures

Files

91dabb8b8ff0ab4230a77d03d4ff710b8b740bc75d1110207bb5a58397fc154b
.exe windows x86

015d4cf1868e1ae1e75f947da53c2932

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

OpenProcess
MoveFileExA
GetTempFileNameA
WriteFile
CloseHandle
ReadFile
SetFilePointer
CreateFileA
lstrlenA
GetDriveTypeA
GetCommandLineA
TerminateProcess
Sleep
GetModuleFileNameA
MoveFileA
GetLastError
DeleteFileA
GetTickCount
GetLogicalDriveStringsA
GetCurrentThreadId
CreateToolhelp32Snapshot
Process32First
GetModuleHandleA
Process32Next

user32

wsprintfA
GetInputState
PostThreadMessageA
GetMessageA

advapi32

RegOpenKeyExA
RegQueryValueExA
RegEnumValueA

dbghelp

SearchTreeForFile

msvcrt

sprintf
??2@YAPAXI@Z
memset
??3@YAXPAX@Z
strstr
strncpy
strcpy
exit
_stricmp
_access

Sections

.data
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy