f14b38f8ffa263bc0eae74f999d9bb40d2a3a2395ec5ccf8cd78dde830bda4a2 | Triage

Submit
Reports

Overview

overview

8

Static

static

f14b38f8ff...a2.exe

windows7-x64

8

f14b38f8ff...a2.exe

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

f14b38f8ffa263bc0eae74f999d9bb40d2a3a2395ec5ccf8cd78dde830bda4a2.exe

Resource

win7-20220812-en

discovery persistence spyware stealer upx

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

f14b38f8ffa263bc0eae74f999d9bb40d2a3a2395ec5ccf8cd78dde830bda4a2.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

f14b38f8ffa263bc0eae74f999d9bb40d2a3a2395ec5ccf8cd78dde830bda4a2
Size

773KB
MD5

a18eec03d5c1527803a95a5661bd4de0
SHA1

a32d72a0929041822a53dfb0521effed2b1959fb
SHA256

f14b38f8ffa263bc0eae74f999d9bb40d2a3a2395ec5ccf8cd78dde830bda4a2
SHA512

8b791dd5b6b37a6d5780c45f2b6e933c99b06e3b0ffadb498769f9ffd96e10e724c2c7b34fc21c5dfc029683a63ef61c7271810fedef5cb9d85c546548daece2
SSDEEP

12288:nY8SFwmeecNO5pEyC9esBccl8RuiPL1ytUCIT8+uKnAGU+ZbIQi9EFA:nWveecw727ccyRPLIGC1+rAGUdQ

Score

N/A

Malware Config

Signatures

Files

f14b38f8ffa263bc0eae74f999d9bb40d2a3a2395ec5ccf8cd78dde830bda4a2
.exe windows x86

cf240cb0d343c261e5af8ce8b46ad593

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetProcessHeap
GetModuleHandleA
ResumeThread
GetPriorityClass
HeapDestroy
GetCommandLineA
WriteConsoleW
SetEvent
VirtualQueryEx
lstrcpyA
WriteConsoleW
GetStartupInfoA
CopyFileA
DisconnectNamedPipe
CreatePipe
VirtualProtect
GetStdHandle
GetFileAttributesW
lstrlenW
WriteConsoleW
DeleteFileA

mmcndmgr

DllRegisterServer
DllRegisterServer
DllCanUnloadNow
DllGetClassObject

cryptui

CryptUIWizImport
CryptUIStartCertMgr
CryptUIDlgViewContext
LocalEnroll
WizardFree
CryptUIWizBuildCTL
LocalEnroll
DllUnregisterServer
DllRegisterServer
CryptUIWizDigitalSign
LocalEnrollNoDS
WizardFree
CryptUIWizExport

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 280B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 764KB - Virtual size: 2.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.impdata
Size: 1024B - Virtual size: 769B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy