064d608128486c32a55339dfb8fd263d6933f9a56e58c043ca62cbb39e9753a6 | Triage

Submit
Reports

Overview

overview

8

Static

static

064d608128...a6.exe

windows7-x64

8

064d608128...a6.exe

windows10-2004-x64

3

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

064d608128486c32a55339dfb8fd263d6933f9a56e58c043ca62cbb39e9753a6.exe

Resource

win7-20220812-en

discovery persistence spyware stealer upx

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

064d608128486c32a55339dfb8fd263d6933f9a56e58c043ca62cbb39e9753a6.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

064d608128486c32a55339dfb8fd263d6933f9a56e58c043ca62cbb39e9753a6
Size

823KB
MD5

40994da59a3f3098fb82dc81b4bec0d5
SHA1

b3a57be21b1ec812d2394d76e28c8f2abd74d61e
SHA256

064d608128486c32a55339dfb8fd263d6933f9a56e58c043ca62cbb39e9753a6
SHA512

a613570af08643902a86f31f13f91ef020b0bb5a50b8a5b01003e60ca7f070fa27375a56f91c67685f2c40c533b028bb27b2e0384cc4a1aee6b8a97ff1659bfd
SSDEEP

24576:KYi+bqZlr6Ps/zWexgSDyLbpMbaweknRijLW:1JbaisrtOLbpM2weknR0W

Score

N/A

Malware Config

Signatures

Files

064d608128486c32a55339dfb8fd263d6933f9a56e58c043ca62cbb39e9753a6
.exe windows x86

a6f63ad17add3074cc3ee778bc6476ce

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLocaleInfoW
CompareStringA
GetLocaleInfoW
GetLocaleInfoW
GetLocaleInfoW
LoadLibraryA
HeapCreate
GetConsoleTitleW
OpenMutexA
DeleteFileA
GetLongPathNameW
GetLocaleInfoW
GetLocaleInfoW
CreateMailslotW
GetLocaleInfoW
GetLocaleInfoW
GetLocaleInfoW

msxml3

DllRegisterServer
DllCanUnloadNow
DllGetClassObject
DllUnregisterServer

Sections

.text1
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.pdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.hdata
Size: 804KB - Virtual size: 2.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy