aa542dd80abcd8fd387dab7ad3ef452aef58a356205270c80304f024c327a0a4 | Triage

Submit
Reports

Overview

overview

Static

static

aa542dd80a...a4.exe

windows7-x64

aa542dd80a...a4.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

aa542dd80abcd8fd387dab7ad3ef452aef58a356205270c80304f024c327a0a4.exe

Resource

win7-20220901-en

persistence spyware stealer upx

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

aa542dd80abcd8fd387dab7ad3ef452aef58a356205270c80304f024c327a0a4.exe

Resource

win10v2004-20220812-en

persistence spyware stealer upx

windows10-2004-x64

4 signatures

150 seconds

General

Target

aa542dd80abcd8fd387dab7ad3ef452aef58a356205270c80304f024c327a0a4
Size

182KB
MD5

522e977522b41915d1c48bd88e8d1ed4
SHA1

e0b9c78a31f07e809a3ab1ef76164f9ca212a0ea
SHA256

aa542dd80abcd8fd387dab7ad3ef452aef58a356205270c80304f024c327a0a4
SHA512

d83d7689d4eeb52294b9f4d04815cdeca78905e6c50b87e697559a4f6059f429b86f78125bed8bc5e7c4e7c563a3bc64f7a2c25ddbabe8c4947eb3e7ef73990f
SSDEEP

3072:zuer/n2KYLh82pZOyr2pq9RVqOPMaGVdD9En2fBqJLB++C3Px+N3:zuer//H2pZOemq7EI0xwuqP+nZ+N

Score

N/A

Malware Config

Signatures

Files

aa542dd80abcd8fd387dab7ad3ef452aef58a356205270c80304f024c327a0a4
.exe windows x86

39b305bc891f39e93cb983e5a185f7f3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoGetDefaultContext
StringFromGUID2
CoUninitialize
CoTaskMemAlloc
CoInitialize
CoTaskMemFree

shlwapi

PathGetArgsW
PathIsUNCW
SHRegGetValueW
PathSkipRootW
StrDupW
PathFindFileNameW

gdiplus

GdipGetImageWidth
GdipDisposeImage

kernel32

GetCalendarInfoW
GetModuleHandleW
GetProcAddress
GetCurrentProcess
GetFileInformationByHandle
VirtualProtect
InterlockedExchange
GetModuleFileNameW
GetProcessId
OutputDebugStringW
LocalAlloc
DuplicateHandle
OutputDebugStringA
lstrlenW
EnumResourceNamesA
GetCurrentDirectoryW
SetLastError
SearchPathW
MultiByteToWideChar
GetFileAttributesW
InitializeCriticalSection
SetEnvironmentVariableW
CreateDirectoryW
WideCharToMultiByte
LocalFree
GetModuleHandleA
VirtualQuery
lstrcmpiW
ExitProcess
FreeLibrary
GetCurrentThreadId
GetLastError
Sleep

Sections

.text
Size: 103KB - Virtual size: 102KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 76KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 252KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy