47baf3053e290d869bd04930d9ebb4ffecd51bf0e64bb9d0361375dd67f67db0 | Triage

Submit
Reports

Overview

overview

8

Static

static

47baf3053e...b0.exe

windows7-x64

8

47baf3053e...b0.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

47baf3053e290d869bd04930d9ebb4ffecd51bf0e64bb9d0361375dd67f67db0.exe

Resource

win7-20220812-en

discovery persistence spyware stealer upx

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

47baf3053e290d869bd04930d9ebb4ffecd51bf0e64bb9d0361375dd67f67db0.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

47baf3053e290d869bd04930d9ebb4ffecd51bf0e64bb9d0361375dd67f67db0
Size

797KB
MD5

69f7857e55e2690a2bf2b0098f239200
SHA1

f69dd83ce26a842846fb510e7c8c8fcd097b92f3
SHA256

47baf3053e290d869bd04930d9ebb4ffecd51bf0e64bb9d0361375dd67f67db0
SHA512

e763143803dadeadf9f3deb0415673f4540ed1c1590301501394a217a78cc1e3220c30fa631c2bb46bb5685271941b71f0676d6100c1ca188e3e7f6b342686ea
SSDEEP

24576:A0duQMXSf5Mnn5B5I4jWerEA8MUmMGkqHZQMv7Ol4+:2QMi+nf5I4yerlomMGkCh

Score

N/A

Malware Config

Signatures

Files

47baf3053e290d869bd04930d9ebb4ffecd51bf0e64bb9d0361375dd67f67db0
.exe windows x86

a257eec6befa3df720bf4731691d8d2b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetLocaleInfoA
GetFileAttributesA
SetLastError
RemoveDirectoryA
CreateMailslotA
GetProcessHeap
IsBadWritePtr
SetLocalTime
ReleaseMutex
GetModuleHandleA
GetCommandLineA
ResetEvent
GetDriveTypeW
CancelIo
WriteFile
DeleteFileA
CreateDirectoryA
HeapSize
GetStdHandle
VirtualProtect
MapViewOfFile

user32

SetCursor
PeekMessageA
wsprintfA
DispatchMessageA
PostMessageW
SetFocus
LoadImageA
GetWindowLongW
GetCaretPos
LoadCursorA
DestroyMenu
GetCapture
GetWindowTextW

hnetcfg

DllRegisterServer
DllCanUnloadNow
DllGetClassObject
HNetGetSharingServicesPage

rasapi32

DwRasUninitialize

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 692KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 790KB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.import
Size: 512B - Virtual size: 464B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy