65b811876bd24b0775318d985c024ac3e2d318db60d2df18a6ad6d6253d56d7c | Triage

Submit
Reports

Overview

overview

8

Static

static

65b811876b...7c.exe

windows7-x64

8

65b811876b...7c.exe

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

65b811876bd24b0775318d985c024ac3e2d318db60d2df18a6ad6d6253d56d7c.exe

Resource

win7-20220812-en

discovery persistence spyware stealer upx

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

65b811876bd24b0775318d985c024ac3e2d318db60d2df18a6ad6d6253d56d7c.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

65b811876bd24b0775318d985c024ac3e2d318db60d2df18a6ad6d6253d56d7c
Size

803KB
MD5

247482231b00ada1c3939e4807fbc580
SHA1

388c64aa5aa8eac467b731f354cf33b75557603b
SHA256

65b811876bd24b0775318d985c024ac3e2d318db60d2df18a6ad6d6253d56d7c
SHA512

e876aee309e4a0e5947d607bc5679822a324f31e9eb4c07daacbedd9434d089e5815ce176ba07972bec0869c2de61acffb20e5dedf12e460bfca73aac9f58571
SSDEEP

24576:yvhjOZfCIBokXuqX2DM9iFdo+yBlJfRu/aQulBt2P:yvGykXFGDMEanBldEa7lBt4

Score

N/A

Malware Config

Signatures

Files

65b811876bd24b0775318d985c024ac3e2d318db60d2df18a6ad6d6253d56d7c
.exe windows x86

0c3e8562feb81da84eada0100404e899

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetCurrentThreadId
CreateFileW
CreateFileW
CreateDirectoryA
GetProcessVersion
SetFileTime
FindAtomW
GetDriveTypeW
GetVolumePathNameA
GetModuleFileNameA
GetModuleHandleA
VirtualProtectEx
SetFilePointer
InterlockedExchange
IsValidLocale
PulseEvent
GetFileAttributesA
GlobalFlags
HeapDestroy
DeleteFileW
OpenEventW
GetTickCount
OpenMutexW
LeaveCriticalSection
DeleteFileW

user32

IsMenu
MessageBoxA
PeekMessageA
LoadCursorA
DestroyMenu
SetFocus
DispatchMessageA
wsprintfA
GetWindowLongA
GetWindowTextA
DestroyIcon
SetRect
GetWindowLongA

dpnhpast

DllCanUnloadNow
DllRegisterServer
DllUnregisterServer
DllGetClassObject

advapi32

IsValidAcl

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 793KB - Virtual size: 2.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy