e892a0fc0afa4461cd749f864f6c15d8250a3eb81800ca1f38f0c2343ff90c90 | Triage

Submit
Reports

Overview

overview

8

Static

static

e892a0fc0a...90.exe

windows7-x64

8

e892a0fc0a...90.exe

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

e892a0fc0afa4461cd749f864f6c15d8250a3eb81800ca1f38f0c2343ff90c90.exe

Resource

win7-20220812-en

discovery persistence spyware stealer upx

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

e892a0fc0afa4461cd749f864f6c15d8250a3eb81800ca1f38f0c2343ff90c90.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

e892a0fc0afa4461cd749f864f6c15d8250a3eb81800ca1f38f0c2343ff90c90
Size

803KB
MD5

825a282822f9d8da7a254da04397f5f0
SHA1

f6108a766922d53a2a978da7cf1e806e33c87697
SHA256

e892a0fc0afa4461cd749f864f6c15d8250a3eb81800ca1f38f0c2343ff90c90
SHA512

26020ca544171cb07d3123c8a4585c9b6ea53a67e99a9c182298c5dc35428ef770be33d308fe007672607d8628dea7ef1c2f861936d052e0b6b3c8349312e052
SSDEEP

12288:VE7/OzRPizX5x5W84eAGLWloK51kdB5RFe3AwAKyUfbi9TX/al:Vg/+RPQn5WqIoqkD70wwHXeV

Score

N/A

Malware Config

Signatures

Files

e892a0fc0afa4461cd749f864f6c15d8250a3eb81800ca1f38f0c2343ff90c90
.exe windows x86

f4b27630bdfa529182933188ea50a9c4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
FindAtomW
GlobalFlags
VirtualProtectEx
DeleteFileW
GetCurrentThreadId
GetDriveTypeW
GetTickCount
SetFilePointer
CreateFileW
GetVolumePathNameA
LeaveCriticalSection
SetFileTime
HeapDestroy
GetModuleFileNameA
DeleteFileW
IsValidLocale
PulseEvent
OpenMutexW
GetProcessVersion
CreateDirectoryA
OpenEventW
CreateFileW
GetFileAttributesA
InterlockedExchange

user32

GetWindowTextA
GetWindowLongA
wsprintfA
IsMenu
DestroyMenu
DispatchMessageA
SetFocus
DestroyIcon
LoadCursorA
GetWindowLongA
PeekMessageA
MessageBoxA
SetRect

dpnhpast

DllRegisterServer
DllCanUnloadNow
DllGetClassObject
DllUnregisterServer

advapi32

IsValidAcl

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 793KB - Virtual size: 2.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy