36d1e943b4e83dc8d8de92db174c69c934ef98f86159a986b9980aa8e8a1c5ce | Triage

Submit
Reports

Overview

overview

8

Static

static

36d1e943b4...ce.exe

windows7-x64

8

36d1e943b4...ce.exe

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

36d1e943b4e83dc8d8de92db174c69c934ef98f86159a986b9980aa8e8a1c5ce.exe

Resource

win7-20220812-en

discovery persistence spyware stealer upx

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

36d1e943b4e83dc8d8de92db174c69c934ef98f86159a986b9980aa8e8a1c5ce.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

36d1e943b4e83dc8d8de92db174c69c934ef98f86159a986b9980aa8e8a1c5ce
Size

838KB
MD5

497815807740439173cf0c60b8a92f90
SHA1

3158e9d07131c7b1562c1c991c2ab8f72cf2bc4f
SHA256

36d1e943b4e83dc8d8de92db174c69c934ef98f86159a986b9980aa8e8a1c5ce
SHA512

400aaa6619a811ac886aef439eb7367a99534e2fb70c6fc33760aaf1d934c092b631bfb1995fcaedc64eb4a9b4aa9bb62c013aab311547217e607f2b127395ef
SSDEEP

12288:+0yCxXKnJOXaO5K4oGm7LM3gx5vWTh0fjvGz4vXtqKIhHjApKlB7Sky8:+0yCoJvfbDWefjvGzuXsKEdG

Score

N/A

Malware Config

Signatures

Files

36d1e943b4e83dc8d8de92db174c69c934ef98f86159a986b9980aa8e8a1c5ce
.exe windows x86

0022745d1b6841cac147a60c9dd8cff6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

WriteConsoleW
SetEnvironmentVariableA
GetVolumePathNameA
OpenEventW
GetTickCount
GetStringTypeA
HeapCreate
GetVolumeInformationW
HeapFree
GetPrivateProfileIntW
lstrcatW
GetShortPathNameW
GetCurrentProcess
GetDiskFreeSpaceW
SetStdHandle
LoadLibraryA
CreateEventA
CreateMutexW
lstrlenW

netshell

HrRenameConnection
HrLaunchConnection
NcFreeNetconProperties
HrCreateDesktopIcon

Sections

.code
Size: 23KB - Virtual size: 47KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.pdata
Size: 4KB - Virtual size: 2.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_WRITE

.ndata
Size: 803KB - Virtual size: 802KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: 6KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy