6a3de20bb23fb9390c1e7af4d1b8c00fc62470bdf5fefd5b6f5ecca9f82e833f | Triage

Submit
Reports

Overview

overview

Static

static

6a3de20bb2...3f.exe

windows7-x64

6a3de20bb2...3f.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

6a3de20bb23fb9390c1e7af4d1b8c00fc62470bdf5fefd5b6f5ecca9f82e833f.exe

Resource

win7-20220812-en

persistence spyware stealer upx

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

6a3de20bb23fb9390c1e7af4d1b8c00fc62470bdf5fefd5b6f5ecca9f82e833f.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

6a3de20bb23fb9390c1e7af4d1b8c00fc62470bdf5fefd5b6f5ecca9f82e833f
Size

195KB
MD5

003cf0dc92e44593fc1c713da216137c
SHA1

9c44e78c0bb3eae10e047c533faffbfc97f5a1e6
SHA256

6a3de20bb23fb9390c1e7af4d1b8c00fc62470bdf5fefd5b6f5ecca9f82e833f
SHA512

c511fc38ba7362209ac9023d0866873a40f6499350136a1a713aa6d37f167cdd206f6530ddf59c9ace8bc833c4d260a614aec27ea6be776fc86175666e9e95f0
SSDEEP

3072:6wgKCJzOUsm22Jht/ni+hLBXSXrnMwCWle6yXDkAlcRgWBQtRJtxPcxpUW+kOLi/:9tCJzOUsTUAnbSWoDkcA9QdUx20FDj

Score

N/A

Malware Config

Signatures

Files

6a3de20bb23fb9390c1e7af4d1b8c00fc62470bdf5fefd5b6f5ecca9f82e833f
.exe windows x86

a52ac0ce7555d65f145ea8138f4cb049

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetHandleCount
TlsGetValue
GetOEMCP
GetCPInfoExA
WriteFile
MultiByteToWideChar
FreeEnvironmentStringsA
GetThreadLocale
WideCharToMultiByte
QueryPerformanceCounter
GetStartupInfoA
RaiseException
UnhandledExceptionFilter
DeleteCriticalSection
GetEnvironmentStringsW
lstrlenW
InitializeCriticalSection
GetLastError
InterlockedIncrement
EnumResourceTypesA
GetTickCount
LeaveCriticalSection
TlsSetValue
InterlockedExchange
GetEnvironmentStrings
GetFileType
GetCPInfo
GetACP
LoadLibraryW
GetStdHandle
FreeEnvironmentStringsW
GetLocaleInfoA
EnterCriticalSection
GetVersionExA
HeapSize
GetCurrentProcessId

ole32

CoGetMalloc
CoTaskMemFree
CoCreateInstance
CoTaskMemAlloc
StringFromGUID2
CoTaskMemRealloc

gdi32

DeleteObject
GetDeviceCaps
GetTextExtentPointA
GetTextMetricsA
SelectObject
CreateFontIndirectA

msimg32

AlphaBlend
TransparentBlt

Sections

.text
Size: 110KB - Virtual size: 110KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tls
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 81KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 352KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy