db8c57ff57070b586afd65ddb364169f7e02146588dd9362a9eee1f7ecbbcafa | Triage

Submit
Reports

Overview

overview

8

Static

static

db8c57ff57...fa.exe

windows7-x64

8

db8c57ff57...fa.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

db8c57ff57070b586afd65ddb364169f7e02146588dd9362a9eee1f7ecbbcafa.exe

Resource

win7-20220812-en

discovery persistence spyware stealer upx

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

db8c57ff57070b586afd65ddb364169f7e02146588dd9362a9eee1f7ecbbcafa.exe

Resource

win10v2004-20220901-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

db8c57ff57070b586afd65ddb364169f7e02146588dd9362a9eee1f7ecbbcafa
Size

804KB
MD5

83226e395d5b5078b50b73761ff606d0
SHA1

5b57f4c29e1ca443421660f648898c97ce7d6a72
SHA256

db8c57ff57070b586afd65ddb364169f7e02146588dd9362a9eee1f7ecbbcafa
SHA512

f43cc81777213061cb06aafc4705d079b7c20592354e591b9eb692d4a11d04816fb489b1f7578480a14036851b228ad2bfdf6d7bb1dc290708b55fb9d22cb43a
SSDEEP

12288:1MNYuYMVdo2xGsrTxko1y6pyCC2NbYilE4oFU0zumHLzs:AYMTNtko1boCCiE4R0zumrg

Score

N/A

Malware Config

Signatures

Files

db8c57ff57070b586afd65ddb364169f7e02146588dd9362a9eee1f7ecbbcafa
.exe windows x86

601ca4563a08f283bbc143243d803f35

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

AddAtomA
GetModuleFileNameA
PulseEvent
CreateFileW
IsValidLocale
SetFilePointer
OpenEventW
DeleteFileW
CreateDirectoryA
InterlockedExchange
GetDriveTypeW
OpenMutexW
GetModuleHandleA
GetProcessVersion
GlobalFlags
GetFileAttributesA
GetVolumePathNameA
HeapDestroy
CreateFileW
VirtualProtectEx
LeaveCriticalSection
GetCurrentThreadId
GetTickCount
DeleteFileW
SetFileTime

user32

wsprintfA
GetWindowLongA
DestroyIcon
IsMenu
MessageBoxA
DestroyMenu
GetWindowLongA
GetWindowTextA
DispatchMessageA
PeekMessageA
SetFocus
SetRect
LoadCursorA

dbnetlib

ConnectionOpen
InitSession
ConnectionError
ConnectionClose

advapi32

IsValidAcl

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 794KB - Virtual size: 2.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy