22f3ec85a9a10d6d31834785442ce5987e8fca50fb089058df8386bc2b1208e5 | Triage

Submit
Reports

Overview

overview

8

Static

static

22f3ec85a9...e5.exe

windows7-x64

8

22f3ec85a9...e5.exe

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

22f3ec85a9a10d6d31834785442ce5987e8fca50fb089058df8386bc2b1208e5.exe

Resource

win7-20220812-en

discovery persistence spyware stealer upx

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

22f3ec85a9a10d6d31834785442ce5987e8fca50fb089058df8386bc2b1208e5.exe

Resource

win10v2004-20220901-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

22f3ec85a9a10d6d31834785442ce5987e8fca50fb089058df8386bc2b1208e5
Size

799KB
MD5

137c963351126943d562e65eed888a16
SHA1

c5ffa3dc7ae67740a25292f898ae702e5891f78a
SHA256

22f3ec85a9a10d6d31834785442ce5987e8fca50fb089058df8386bc2b1208e5
SHA512

c2fe56974474360088af793a4f185d4cf7199ebe2e7d75ed83b2149f780d49214077a8feb3002029f9035234fbf83245b136753350f8e018042e2415c0993c61
SSDEEP

24576:UEYuIDWkwLGu5YtabUJDCcJGWCwFg+WV42E5Q+:UEcXmGu5YgUpCcJowFg+WV4l53

Score

N/A

Malware Config

Signatures

Files

22f3ec85a9a10d6d31834785442ce5987e8fca50fb089058df8386bc2b1208e5
.exe windows x86

1ece83813bd57967b39f16c3b9dfb5f7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

CreateFileW
VirtualProtect
GetModuleHandleA
OpenEventW
GetModuleFileNameA
GetTickCount
HeapDestroy
LeaveCriticalSection
GetCurrentThreadId
LocalFlags
GetLocaleInfoA
GetVersionExA
IsValidLocale
SuspendThread
SetEvent
ResumeThread
CreateFileW
AddAtomW
GetFileAttributesW
CreateDirectoryA
InterlockedExchange
SetFilePointer
lstrlenA
GetStdHandle
CreateMutexW

user32

IsMenu
DispatchMessageA
LoadCursorA
DestroyIcon
DestroyMenu
wsprintfA
GetWindowLongA
PeekMessageA
SetRect
MessageBoxA
GetWindowLongA
GetWindowTextA
IsMenu

dpnet

DllGetClassObject
DllRegisterServer
DllCanUnloadNow
DllUnregisterServer

advapi32

IsValidAcl

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 692KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 793KB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy