2ab922f0a937043128452e995e6b57f65bb98b3d9e7bfb1aacbf4201910735b4 | Triage

Submit
Reports

Overview

overview

8

Static

static

2ab922f0a9...b4.exe

windows7-x64

8

2ab922f0a9...b4.exe

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

2ab922f0a937043128452e995e6b57f65bb98b3d9e7bfb1aacbf4201910735b4.exe

Resource

win7-20220901-en

discovery persistence spyware stealer upx

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

2ab922f0a937043128452e995e6b57f65bb98b3d9e7bfb1aacbf4201910735b4.exe

Resource

win10v2004-20220901-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

2ab922f0a937043128452e995e6b57f65bb98b3d9e7bfb1aacbf4201910735b4
Size

799KB
MD5

6004c575c0dd51b65a52bb8ff1d3c3f0
SHA1

27cf72c7510570e614d6c412b877ee6e6c5231c0
SHA256

2ab922f0a937043128452e995e6b57f65bb98b3d9e7bfb1aacbf4201910735b4
SHA512

e59a23ceb4beb96500d23b24f07e8cdf397fb809cd52fe373f39d59a6c4f51806fd8656d38a532100a452c5569940ef2156b5028ce22c16f6f3b0d9217c8ed46
SSDEEP

12288:SGl/dZ6yERjSPRw/B9bDyfAw3uvHWXlp4PMorljuENLOXZV1WmLpy56fm20Q0:RhERjaTfPuvWXA0u5LENL0

Score

N/A

Malware Config

Signatures

Files

2ab922f0a937043128452e995e6b57f65bb98b3d9e7bfb1aacbf4201910735b4
.exe windows x86

cb3533ea53ed5ae550d983fb33e174f8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetCurrentThreadId
LeaveCriticalSection
IsValidLocale
SetFilePointer
GetVersionExA
GetPriorityClass
IsBadReadPtr
GetModuleHandleA
ResumeThread
SuspendThread
CreateDirectoryA
SetEvent
GetModuleFileNameA
GlobalSize
GetLocaleInfoA
HeapDestroy
VirtualProtect
GetStdHandle
GetProcessHeap
CreateMutexW
CreateFileW
HeapSize
lstrlenA
CreateFileW
GetFileAttributesW

user32

DispatchMessageA
GetWindowLongA
GetWindowTextA
SetCursor
DrawIcon
PeekMessageA
GetWindowLongA
MessageBoxW
DestroyMenu
LoadCursorA
DestroyIcon
wsprintfA
SetRect

dpnet

DllCanUnloadNow
DllRegisterServer
DllGetClassObject
DllUnregisterServer

advapi32

IsValidAcl

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 692KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 793KB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy