dbd27fa7d7752557e7df9aa224e97d32395b228cc8a14b589aed646df36cd935 | Triage

Submit
Reports

Overview

overview

8

Static

static

dbd27fa7d7...35.exe

windows7-x64

8

dbd27fa7d7...35.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

dbd27fa7d7752557e7df9aa224e97d32395b228cc8a14b589aed646df36cd935.exe

Resource

win7-20220812-en

discovery persistence spyware stealer upx

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

dbd27fa7d7752557e7df9aa224e97d32395b228cc8a14b589aed646df36cd935.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

dbd27fa7d7752557e7df9aa224e97d32395b228cc8a14b589aed646df36cd935
Size

802KB
MD5

619aba093d5466926e0d9aed8417e180
SHA1

5a25c717d9c7d8ed264fe9841db822ad56ba61ae
SHA256

dbd27fa7d7752557e7df9aa224e97d32395b228cc8a14b589aed646df36cd935
SHA512

cf450625bce1d7017b47e8781d272eff22255feae9f819ed91dc987dead0c881f93ca1865094bd267ecd56073e6eeaa9e5fe52a415179423b842895a4569eb1d
SSDEEP

12288:TLa64oWtlAR5Zb89H52Emx3d3FPsAmAFbj10WTclfrcDGtVqc9jU7+XxCZyrIkD5:Ha6FUARTwBEEmxrsZq1ybVT9W8oqb

Score

N/A

Malware Config

Signatures

Files

dbd27fa7d7752557e7df9aa224e97d32395b228cc8a14b589aed646df36cd935
.exe windows x86

671409b03a2cd3f27bd954990f74620a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

OpenMutexA
PulseEvent
DeleteFileW
CreateFileW
GetVolumePathNameA
LocalFree
GetCurrentThreadId
CreateDirectoryA
VirtualProtectEx
LeaveCriticalSection
GlobalFlags
GetProcessHeap
SetFileTime
DeleteFileW
OpenEventA
FindAtomA
GetConsoleMode
GetModuleFileNameA
InterlockedExchange
HeapDestroy
GetModuleHandleA
GetFileAttributesA
CreateFileW
SetFilePointer
GetDriveTypeW

user32

LoadCursorA
GetWindowTextA
GetWindowLongA
IsMenu
DestroyMenu
DestroyIcon
wsprintfA
MessageBoxA
DispatchMessageA
SetRect
SetFocus
GetWindowLongA
PeekMessageA

dot3gpclnt

LANGPADeInit
GenerateLANPolicy
LANGPAInit
ProcessLANPolicyEx

advapi32

IsValidAcl

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 794KB - Virtual size: 2.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy