5e17a6c5723f4b82386985ec322fd795dd6c22fda06ae4b5f689673e7e3f29a2 | Triage

Submit
Reports

Overview

overview

8

Static

static

5e17a6c572...a2.exe

windows7-x64

8

5e17a6c572...a2.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

5e17a6c5723f4b82386985ec322fd795dd6c22fda06ae4b5f689673e7e3f29a2.exe

Resource

win7-20220901-en

discovery persistence spyware stealer upx

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

5e17a6c5723f4b82386985ec322fd795dd6c22fda06ae4b5f689673e7e3f29a2.exe

Resource

win10v2004-20220901-en

windows10-2004-x64

2 signatures

150 seconds

General

Target

5e17a6c5723f4b82386985ec322fd795dd6c22fda06ae4b5f689673e7e3f29a2
Size

809KB
MD5

6cfd8f848d2203158c1f1bb12da9fcb0
SHA1

413d57788b87db86b9ca3d22d01eadb9cf61adc6
SHA256

5e17a6c5723f4b82386985ec322fd795dd6c22fda06ae4b5f689673e7e3f29a2
SHA512

392e8502aaf34a4c7eda5e2b6090501e661332acc9b7033feeebe7219248ce19b342d768bec2bd5457254dc8c0271dbf36d9c82c10a61a793bc3dc4fd3669f5a
SSDEEP

24576:+uOk0BARAgjuTZQDwtK7I+8MHA1biR3iDIPqt:+Jk0BARAgj2ZQDqchpHiahPq

Score

N/A

Malware Config

Signatures

Files

5e17a6c5723f4b82386985ec322fd795dd6c22fda06ae4b5f689673e7e3f29a2
.exe windows x86

9e0f6940c4e66a8781a2a8cce724138c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InitializeCriticalSection
RemoveDirectoryA
WriteConsoleW
GetTickCount
GlobalFree
lstrlenW
EnterCriticalSection
LeaveCriticalSection
CloseHandle
CreateFileA
GetCalendarInfoA
GetModuleHandleA
Sleep
VirtualProtectEx
GetModuleFileNameA
CancelIo
ReadFile
GetCommandLineW
DeleteFileA
GetStartupInfoA
GetFileSize
GetConsoleTitleW
CancelIo
TlsGetValue
CreateDirectoryW

user32

IsWindowVisible
GetWindowLongA
IsWindow
GetClassInfoA
GetSysColor
MessageBoxA
wsprintfA
GetWindowLongA
IsWindowEnabled
DispatchMessageA
DestroyMenu
PeekMessageA
CreateIcon

cryptdlg

CertTrustCertPolicy
CertTrustInit
CertConfigureTrustA
CertTrustCleanup

advapi32

RegCloseKey

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 800KB - Virtual size: 2.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy