562a2428e3ea400c9d4d75cd70fa7c772af7a3e38553c42b0f6ad74c2ac6dde5 | Triage

Submit
Reports

Overview

overview

Static

static

562a2428e3...e5.exe

windows7-x64

562a2428e3...e5.exe

windows10-2004-x64

3

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

562a2428e3ea400c9d4d75cd70fa7c772af7a3e38553c42b0f6ad74c2ac6dde5.exe

Resource

win7-20220812-en

persistence spyware stealer upx

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

562a2428e3ea400c9d4d75cd70fa7c772af7a3e38553c42b0f6ad74c2ac6dde5.exe

Resource

win10v2004-20220901-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

562a2428e3ea400c9d4d75cd70fa7c772af7a3e38553c42b0f6ad74c2ac6dde5
Size

178KB
MD5

845f0a22f98f2f02a13a049fa2a5c2e4
SHA1

6968dfc4a6c182a12f5d623bf35e3337a28bc2d9
SHA256

562a2428e3ea400c9d4d75cd70fa7c772af7a3e38553c42b0f6ad74c2ac6dde5
SHA512

08494f1809dce55a4f705940cf1750d6310721639f678f60742e408d3419921ce456731ed6175c880a3c406145b81829102f7418e807199397c614cc0c4d91bf
SSDEEP

3072:fi6/7fMuyzaXdv/dGxgRCGgvCOjSwVsC9exGsqaIbVJ6+JvLZ+ppywusLL/:K6zfsYH8mYv59swexrebVJ6iyp7r

Score

N/A

Malware Config

Signatures

Files

562a2428e3ea400c9d4d75cd70fa7c772af7a3e38553c42b0f6ad74c2ac6dde5
.exe windows x86

69998190daae332bc4f98f5aa007e779

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msimg32

AlphaBlend
TransparentBlt

gdi32

GetTextExtentPointA
GetTextMetricsA
GetDeviceCaps
SelectObject
DeleteObject
CreateFontIndirectA

ole32

CoGetMalloc
CoTaskMemFree
CoTaskMemAlloc
StringFromGUID2
CoCreateInstance
CoTaskMemRealloc

kernel32

GetThreadLocale
GetVersionExA
HeapSize
lstrlenW
GetCPInfoExW
EnterCriticalSection
InterlockedExchange
GetACP
GetTickCount
QueryPerformanceCounter
GetLastError
MultiByteToWideChar
GetCPInfo
FreeEnvironmentStringsA
GetEnvironmentStrings
TlsGetValue
GetStdHandle
EnumResourceTypesA
DeleteCriticalSection
GetEnvironmentStringsW
LeaveCriticalSection
SetHandleCount
GetOEMCP
InitializeCriticalSection
GetStartupInfoA
GetLocaleInfoA
FreeEnvironmentStringsW
WriteFile
GetEnvironmentStringsW
UnhandledExceptionFilter
InterlockedIncrement
GetFileType
WideCharToMultiByte
RaiseException
TlsSetValue
GetCurrentProcessId

Sections

.text
Size: 105KB - Virtual size: 105KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tls
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 69KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 252KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy