0440ab71844b4e1c98770ab169b30af560cf41293777f3387765c90b9549d032 | Triage

Submit
Reports

Overview

overview

8

Static

static

0440ab7184...32.exe

windows7-x64

8

0440ab7184...32.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

0440ab71844b4e1c98770ab169b30af560cf41293777f3387765c90b9549d032.exe

Resource

win7-20220812-en

discovery persistence spyware stealer upx

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

0440ab71844b4e1c98770ab169b30af560cf41293777f3387765c90b9549d032.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

0440ab71844b4e1c98770ab169b30af560cf41293777f3387765c90b9549d032
Size

819KB
MD5

74f526a1162d2d3b72103d94126d0d00
SHA1

4c3e906e05e4469444a07d2ccefcd7dfdef08bde
SHA256

0440ab71844b4e1c98770ab169b30af560cf41293777f3387765c90b9549d032
SHA512

4dab3b3bb177f422e679692024aab8d6e770f2a6d1b977bfcb7548c46a4abd402370e8d80de13016986c0600b580629eab9f45a74439aeb98b0061fc28816cc1
SSDEEP

24576:l7RMSyj4JUtXZV81PjILZeLHLeOnTqV51M:l7RMSzUtojINeLrNnTqX

Score

N/A

Malware Config

Signatures

Files

0440ab71844b4e1c98770ab169b30af560cf41293777f3387765c90b9549d032
.exe windows x86

2611ee410b0ea838cbdb0b9e0ea51a47

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ResetEvent
LoadLibraryW
LocalFree
SetEvent
GetEnvironmentVariableW
GetCurrentThreadId
IsBadStringPtrA
HeapCreate
CreateEventW
ReleaseMutex
GlobalFree
GetCurrentProcessId
GetPrivateProfileStringA
GetLocalTime
InitializeCriticalSection
WriteFile
CloseHandle
GetDriveTypeA
lstrlenW
GlobalFlags

user32

GetSysColor
CallWindowProcW
SetFocus
GetSysColor
CreateWindowExA
GetClassInfoA
DispatchMessageA
EndDialog
DrawStateW
IsWindow
GetCursorInfo
GetClientRect
GetKeyboardType

msident

DllCanUnloadNow
DllCanUnloadNow
DllCanUnloadNow
DllCanUnloadNow
DllCanUnloadNow

advapi32

InitializeSid

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 808KB - Virtual size: 807KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy