0398e1926a15a0efd599305fd655859fc53e33d48f3a1b2b7c8e9997d23c93ae | Triage

Submit
Reports

Overview

overview

Static

static

0398e1926a...ae.exe

windows7-x64

0398e1926a...ae.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

0398e1926a15a0efd599305fd655859fc53e33d48f3a1b2b7c8e9997d23c93ae.exe

Resource

win7-20220901-en

persistence spyware stealer upx

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

0398e1926a15a0efd599305fd655859fc53e33d48f3a1b2b7c8e9997d23c93ae.exe

Resource

win10v2004-20220901-en

persistence spyware stealer upx

windows10-2004-x64

4 signatures

150 seconds

General

Target

0398e1926a15a0efd599305fd655859fc53e33d48f3a1b2b7c8e9997d23c93ae
Size

183KB
MD5

a0d1b942e628e18b2497b067be410059
SHA1

4a1206fadee57099aff0f08ca4189a728ff53d33
SHA256

0398e1926a15a0efd599305fd655859fc53e33d48f3a1b2b7c8e9997d23c93ae
SHA512

18a790f8853efc6e2e813313973febce137a430b38a508b8866fa2cca69e0982671f107e431ebed7b509bcbf79cb9225540243f8de48dd66b3512dae6037876c
SSDEEP

3072:cZOxziiYTQUFJsFtN8NYdM4ZGEo/d/baIjhJ7O3Y7X7HHciBgWmIMbN2OTIr2l0:xziBQUFJsFtN8NYdM4YEc/bJ1kWn5mIr

Score

N/A

Malware Config

Signatures

Files

0398e1926a15a0efd599305fd655859fc53e33d48f3a1b2b7c8e9997d23c93ae
.exe windows x86

c1b8b1560d8e2a449fbd31c2a0265d7b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

rpcrt4

I_RpcFreeBuffer
UuidCreate

gdi32

SelectObject
StretchBlt
SetStretchBltMode
LineTo
CreateDCW
CreateCompatibleDC
BitBlt
GetObjectType
CreatePen
CreateDIBSection
DeleteDC
CreateBitmap

user32

DestroyMenu
RedrawWindow
ClipCursor
FindWindowA
TrackPopupMenuEx
CreatePopupMenu
GetDesktopWindow

msimg32

AlphaBlend
TransparentBlt

gdiplus

GdipCreateBitmapFromFile
GdipGetImagePixelFormat
GdipGetImageWidth
GdipGetImageHeight
GdipDisposeImage

winmm

timeGetTime

kernel32

FlushInstructionCache
LoadLibraryW
LocalFree
ExitProcess
ExitProcess
SetLocaleInfoW
LocalAlloc
GetVersionExA
GetModuleFileNameA

Sections

.text
Size: 110KB - Virtual size: 110KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 69KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 256KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy