d6b3544b9a013b156930af3524bf1b534a7f9170335a7dd277f63e209ca0bd25 | Triage

Submit
Reports

Overview

overview

8

Static

static

d6b3544b9a...25.exe

windows7-x64

8

d6b3544b9a...25.exe

windows10-2004-x64

3

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

d6b3544b9a013b156930af3524bf1b534a7f9170335a7dd277f63e209ca0bd25.exe

Resource

win7-20220901-en

discovery persistence spyware stealer upx

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

d6b3544b9a013b156930af3524bf1b534a7f9170335a7dd277f63e209ca0bd25.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

d6b3544b9a013b156930af3524bf1b534a7f9170335a7dd277f63e209ca0bd25
Size

800KB
MD5

0bc0a89396a9ffff5357e8f0baa9c676
SHA1

06d2f3ee8365a934fbcb2ed11883a654e6f97937
SHA256

d6b3544b9a013b156930af3524bf1b534a7f9170335a7dd277f63e209ca0bd25
SHA512

d861199c114826fb1d78ff95ca1765f7a6e09c39250618fed9c36bcf2e8ad331965337007dea733533dd73f90cd1e8dcbf46f24e1561d08e2380410c3059d633
SSDEEP

12288:CMRYx679KMjTgwMDn956jmvY5Un0wJGGopylCRcMgCJTR1zLtituUXJOlCBSXOOS:Cn6RKKKL7LBlQcHoTRfAuUAlCevSr7

Score

N/A

Malware Config

Signatures

Files

d6b3544b9a013b156930af3524bf1b534a7f9170335a7dd277f63e209ca0bd25
.exe windows x86

0aacf3ccf63b26aed1f66c138ba85136

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

SetLastError
HeapSize
GetExitCodeThread
GetTickCount
FindResourceA
TlsGetValue
CreateDirectoryA
GetFileAttributesA
GetFileAttributesA
GetStringTypeA
GetDriveTypeW
GetProcessHeap
GetModuleHandleA
ResetEvent
GetLocaleInfoA
IsBadWritePtr
VirtualProtect
IsValidCodePage
FindClose
RemoveDirectoryA
MapViewOfFile

user32

wsprintfW
GetWindowTextW
PostMessageW
LoadImageW
IsWindow
SetFocus
DispatchMessageA
LoadCursorA
IsDialogMessageA
PeekMessageA
GetCapture
SetCursor
GetWindowLongW

msaatext

DllUnregisterServer
DllUnregisterServer
DllGetClassObject
DllCanUnloadNow

rasapi32

DwRasUninitialize

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 700KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 789KB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.import
Size: 512B - Virtual size: 476B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy