884177670508440fb8e3fc79922184901a23649e32b139e76be1471f2ef95c4a | Triage

Submit
Reports

Overview

overview

8

Static

static

8841776705...4a.exe

windows7-x64

8

8841776705...4a.exe

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

884177670508440fb8e3fc79922184901a23649e32b139e76be1471f2ef95c4a.exe

Resource

win7-20220812-en

discovery persistence spyware stealer upx

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

884177670508440fb8e3fc79922184901a23649e32b139e76be1471f2ef95c4a.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

884177670508440fb8e3fc79922184901a23649e32b139e76be1471f2ef95c4a
Size

800KB
MD5

a0cd71b7fda990732d6283aa9a208695
SHA1

62e21050013c6a22ad67b14e4d938a86514e490a
SHA256

884177670508440fb8e3fc79922184901a23649e32b139e76be1471f2ef95c4a
SHA512

6ba43799b5bdddd602e0b9981f4836ffbdaf1644adba08ef6cdbb55d9d2cda6b505be8852f45d3138fc0e75863aeb3953c317281420a2c445f8b7c5078338e8f
SSDEEP

12288:D1sHWSYTdQYOpcbIk9fovbsCA+YjG9TsgHkiBloBzGa7s2Ry7675RaKwcky92Glh:DY+Qbav9g9T3EYa7R5RaKwcdnlIC2+9

Score

N/A

Malware Config

Signatures

Files

884177670508440fb8e3fc79922184901a23649e32b139e76be1471f2ef95c4a
.exe windows x86

e7c41ad8f8588a8e8d421c6b874ec116

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemTime
lstrlenA
LoadLibraryW
HeapCreate
CloseHandle
ResetEvent
GetCommandLineW
CreateFileW
GlobalUnlock
CreateThread
GetCurrentProcessId
lstrcpyA
PulseEvent
LocalFree
GetModuleHandleA
UnmapViewOfFile
GetComputerNameA
GetCurrentDirectoryA
Sleep
FindClose

user32

GetDC
SetFocus
FillRect
IsWindow
CallWindowProcA
GetDlgItem
CreateWindowExA
CreateIcon
DrawEdge
GetCaretPos
DrawMenuBar
DispatchMessageA
CheckRadioButton

cryptui

CryptUIDlgCertMgr
WizardFree
LocalEnroll
CryptUIDlgSelectStoreA
CryptUIDlgSelectCA

appwiz.cpl

ConfigStartMenu

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 793KB - Virtual size: 796KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy