930564da8e7a645429841022791dc82f030ab7cbc2902b6e72025f2755e7dc8d | Triage

Submit
Reports

Overview

overview

Static

static

930564da8e...8d.exe

windows7-x64

930564da8e...8d.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

930564da8e7a645429841022791dc82f030ab7cbc2902b6e72025f2755e7dc8d.exe

Resource

win7-20220901-en

persistence spyware stealer upx

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

930564da8e7a645429841022791dc82f030ab7cbc2902b6e72025f2755e7dc8d.exe

Resource

win10v2004-20220901-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

930564da8e7a645429841022791dc82f030ab7cbc2902b6e72025f2755e7dc8d
Size

176KB
MD5

7c9bbcc7c1e31f3a6f66f62cc701bf62
SHA1

0027648968176cfda1419563ca32838cfff2b741
SHA256

930564da8e7a645429841022791dc82f030ab7cbc2902b6e72025f2755e7dc8d
SHA512

3336297d8f88587ccdbf7b7be3ebc761a74fe1df4bbf55a280963c0d3ed04a36d8e9634914f6192e4a22643e7448cac9d47d029fa6743680a430b4454a4ca5b6
SSDEEP

3072:wlG59UDbd/epXPFCBm51fnXf73x1w914lLmKg98p5lSUIDvg7q6kc8hOuTMMTdsx:wlyiD19mjnPDx12dKg9sl3IDvgerKm6

Score

N/A

Malware Config

Signatures

Files

930564da8e7a645429841022791dc82f030ab7cbc2902b6e72025f2755e7dc8d
.exe windows x86

2dc68c7f41a12b1895f9b7705243cfa4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCPInfoExW
GetEnvironmentStrings
GetVersionExA
WideCharToMultiByte
SetHandleCount
GetLocaleInfoA
InterlockedExchange
TlsSetValue
RaiseException
GetStartupInfoA
LeaveCriticalSection
WriteFile
FreeEnvironmentStringsA
FreeEnvironmentStringsW
HeapSize
GetLastError
QueryPerformanceCounter
GetFileType
EnumResourceTypesA
MultiByteToWideChar
InterlockedIncrement
GetOEMCP
GetThreadLocale
lstrlenW
EnterCriticalSection
DeleteCriticalSection
UnhandledExceptionFilter
GetStdHandle
GetACP
GetEnvironmentStringsW
TlsGetValue
GetCPInfo
GetTickCount
GetEnvironmentStringsW
InitializeCriticalSection
GetCurrentProcessId

ole32

CoGetMalloc
CoTaskMemAlloc
StringFromGUID2
CoTaskMemFree
CoCreateInstance
CoTaskMemRealloc

gdi32

GetTextExtentPointA
SelectObject
DeleteObject
GetDeviceCaps
GetTextMetricsA
CreateFontIndirectA

msimg32

AlphaBlend
TransparentBlt

Sections

.text
Size: 106KB - Virtual size: 106KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tls
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 66KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 384KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy