b4af64ddbed43bcf8e05d3443f678f7dabf9b866637291837deb0df276770189 | Triage

Submit
Reports

Overview

overview

Static

static

b4af64ddbe...89.exe

windows7-x64

b4af64ddbe...89.exe

windows10-2004-x64

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

b4af64ddbed43bcf8e05d3443f678f7dabf9b866637291837deb0df276770189.exe

Resource

win7-20220901-en

evasion persistence spyware stealer trojan

windows7-x64

16 signatures

150 seconds

Behavioral task

behavioral2

Sample

b4af64ddbed43bcf8e05d3443f678f7dabf9b866637291837deb0df276770189.exe

Resource

win10v2004-20220901-en

windows10-2004-x64

6 signatures

150 seconds

General

Target

b4af64ddbed43bcf8e05d3443f678f7dabf9b866637291837deb0df276770189
Size

726KB
MD5

0476485fd30fa41429d7b90b40704bc0
SHA1

2aec572606f456c18f260bdc4b420ff573364edf
SHA256

b4af64ddbed43bcf8e05d3443f678f7dabf9b866637291837deb0df276770189
SHA512

3fb1c3bff52f742ad7bc486e804595f644df992987935587e093464a7ae455ea35ccc3712e89dfa2aa9c04d4e7b20330fe03075630325feec69d5968750e7d80
SSDEEP

12288:0zAcfrxt4Cxdp5ilzwRpToCatlA8pXIFtKRsIaJRT7hVjNZVVSrfmN6kOMGFELC1:Wxxt4CxHMlzwRB3xtKRsIcRT7hJNZPSh

Score

N/A

Malware Config

Signatures

Files

b4af64ddbed43bcf8e05d3443f678f7dabf9b866637291837deb0df276770189
.exe windows x86

a1dfd29553c636b80fcd59f0b7887c99

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemDefaultLangID
CreateToolhelp32Snapshot
GetLogicalDrives

ntdll

RtlPcToFileHeader

user32

FlashWindowEx
GetCursor

ws2_32

WSCDeinstallProvider

Sections

.text
Size: 717KB - Virtual size: 720KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2024

Terms | Privacy