b30c823f3c50910b068a604d1904a4b7c9b8b0e9eb225da91522c39b6e9716fa | Triage

Submit
Reports

Overview

overview

8

Static

static

b30c823f3c...fa.exe

windows7-x64

8

b30c823f3c...fa.exe

windows10-2004-x64

3

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

b30c823f3c50910b068a604d1904a4b7c9b8b0e9eb225da91522c39b6e9716fa.exe

Resource

win7-20220812-en

discovery persistence spyware stealer upx

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

b30c823f3c50910b068a604d1904a4b7c9b8b0e9eb225da91522c39b6e9716fa.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

b30c823f3c50910b068a604d1904a4b7c9b8b0e9eb225da91522c39b6e9716fa
Size

831KB
MD5

77385e5d0c2aeff524180d44025faa20
SHA1

e9951de670a47473ebb95963340376ca7cee2c0b
SHA256

b30c823f3c50910b068a604d1904a4b7c9b8b0e9eb225da91522c39b6e9716fa
SHA512

bd2c0454224bc129770454a9074cd2d2b0f8422f0121cc4595326d4aff2eb7931572eb4a80eee728d16184faa51cdb0dab723b7d176e10f70c7bb1d5a8bb5679
SSDEEP

24576:LdP35tm/oO3k5cHZCogYeZcu0xLJzKh4tL/+:pfg61YWc7LJh

Score

N/A

Malware Config

Signatures

Files

b30c823f3c50910b068a604d1904a4b7c9b8b0e9eb225da91522c39b6e9716fa
.exe windows x86

e63542b3e05c3d3caa49282b48dee605

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteConsoleA
GetFileAttributesA
GetPrivateProfileStringA
GetDriveTypeA
FreeEnvironmentStringsW
HeapAlloc
CopyFileA
GetEnvironmentVariableA
GetTimeFormatA
CompareStringW
VirtualAlloc
CreateDirectoryA
CopyFileA
ReadConsoleW
GetVolumeInformationA
LoadLibraryA
CreateFileMappingW

msdtcuiu

DtcPerfCollect
PerfDllRegisterServer
DtcPerfClose
DtcPerfOpen

Sections

.text
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1024B - Virtual size: 716B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.odata
Size: 812KB - Virtual size: 2.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2024

Terms | Privacy