91e48933babaa402ed0846eba890ba81fea0ca890b70da6a052d923e8f349d73 | Triage

Submit
Reports

Overview

overview

8

Static

static

91e48933ba...73.exe

windows7-x64

8

91e48933ba...73.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

91e48933babaa402ed0846eba890ba81fea0ca890b70da6a052d923e8f349d73.exe

Resource

win7-20220812-en

discovery persistence spyware stealer upx

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

91e48933babaa402ed0846eba890ba81fea0ca890b70da6a052d923e8f349d73.exe

Resource

win10v2004-20220901-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

91e48933babaa402ed0846eba890ba81fea0ca890b70da6a052d923e8f349d73
Size

800KB
MD5

7c853675e9ee53cd0264113aba248d20
SHA1

738881082ff8203f626908960ac13ededa60a711
SHA256

91e48933babaa402ed0846eba890ba81fea0ca890b70da6a052d923e8f349d73
SHA512

99878686acc3f6b68f136d1fc4914628260ed58f554af818d9f1bbd018263a54345b04b8cc6fbd270d810efa12f6d6302e6f46c176ed2a9d7fdcb8a1ebe72617
SSDEEP

24576:5+I+vDDBc/qpsOI65pMIx49BWiyE2ME7ri1Vs+:QXDK/iRIGx9Emrio+

Score

N/A

Malware Config

Signatures

Files

91e48933babaa402ed0846eba890ba81fea0ca890b70da6a052d923e8f349d73
.exe windows x86

ab7be705dd1fab5efc79c8748c212791

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

FindResourceW
GetExitCodeThread
VirtualProtect
GetFileAttributesA
GetModuleHandleA
SuspendThread
GetStringTypeA
GetTickCount
FindClose
GetFileAttributesA
MapViewOfFile
GetLocaleInfoW
GetCurrentProcess
HeapFree
RemoveDirectoryW
CreateDirectoryW
SetLastError
LocalLock
SetPriorityClass
TlsGetValue
IsValidCodePage

user32

IsDialogMessageA
wsprintfW
SetFocus
IsWindow
SetCursor
GetWindowTextW
PostMessageW
GetWindowLongW
LoadStringW
PeekMessageW
LoadCursorA
LoadImageW
DispatchMessageA

msctf

DllUnregisterServer
TF_InitSystem
DllCanUnloadNow
DllUnregisterServer

rasapi32

DwRasUninitialize

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 699KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 789KB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.import
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy