e870cfa9eed12d331e8e010edb530dbc17b1d5a2f31ee61cde92f6f5f634957d | Triage

Submit
Reports

Overview

overview

8

Static

static

e870cfa9ee...7d.exe

windows7-x64

8

e870cfa9ee...7d.exe

windows10-2004-x64

3

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

e870cfa9eed12d331e8e010edb530dbc17b1d5a2f31ee61cde92f6f5f634957d.exe

Resource

win7-20220812-en

discovery persistence spyware stealer upx

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

e870cfa9eed12d331e8e010edb530dbc17b1d5a2f31ee61cde92f6f5f634957d.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

e870cfa9eed12d331e8e010edb530dbc17b1d5a2f31ee61cde92f6f5f634957d
Size

809KB
MD5

604d13e0cce013c49efab743bf6da410
SHA1

cf169716383692bd43aaea3261ceebf01f7d018a
SHA256

e870cfa9eed12d331e8e010edb530dbc17b1d5a2f31ee61cde92f6f5f634957d
SHA512

be0079605e01b52e04ab340cdc8a9d3df5a9e7ca057e9e97bc67d48c63ba220bc629e7fe22dec534a46a80fc88221b08208a222c47e5dde8cea5d35ac8d41f26
SSDEEP

24576:2kwZ7uv/RGGpHpJupuCRdXSjO0WvRagvw2yA3x:2keOpGwHSuCRcO00Fvw23

Score

N/A

Malware Config

Signatures

Files

e870cfa9eed12d331e8e010edb530dbc17b1d5a2f31ee61cde92f6f5f634957d
.exe windows x86

1d46021623ae413a885f51bd81f1d2cb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

WriteConsoleA
FindVolumeClose
lstrlenW
GetStartupInfoA
lstrcpyA
HeapSize
AddAtomA
SetEvent
GetPrivateProfileSectionW
WriteConsoleA
DeleteAtom
GetLogicalDrives
Sleep
VirtualProtect
LoadLibraryW
GetDriveTypeW
GetCommandLineA
WriteConsoleA
HeapDestroy
CopyFileA
GetFileAttributesA

dsprop

MsgBox
ErrMsg
CheckADsError
ReportError
FindSheet
FindSheet
ErrMsg
ReportError
FindSheet
ErrMsg
CheckADsError
MsgBox
MsgBox

mmcndmgr

CreateExecutivePlatform
DllRegisterServer
DllCanUnloadNow
DllGetClassObject

Sections

.text
Size: 1024B - Virtual size: 774B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 1.4MB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 802KB - Virtual size: 801KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 67B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 512B - Virtual size: 20B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2024

Terms | Privacy