8f2bb3c14178db179bf972bd99ef6fa8f9f3b49b6b43fe9a2ab361e82d2f32de | Triage

Submit
Reports

Overview

overview

Static

static

8f2bb3c141...de.exe

windows7-x64

8f2bb3c141...de.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

8f2bb3c14178db179bf972bd99ef6fa8f9f3b49b6b43fe9a2ab361e82d2f32de.exe

Resource

win7-20220812-en

evasion persistence spyware stealer upx

windows7-x64

15 signatures

150 seconds

Behavioral task

behavioral2

Sample

8f2bb3c14178db179bf972bd99ef6fa8f9f3b49b6b43fe9a2ab361e82d2f32de.exe

Resource

win10v2004-20220901-en

evasion persistence spyware stealer upx

windows10-2004-x64

18 signatures

150 seconds

General

Target

8f2bb3c14178db179bf972bd99ef6fa8f9f3b49b6b43fe9a2ab361e82d2f32de
Size

173KB
MD5

0cc1015e82c1b0424dc47dfe53f0bbf0
SHA1

9ba10afde27092b02765a8e86e9489f4e9e0e34e
SHA256

8f2bb3c14178db179bf972bd99ef6fa8f9f3b49b6b43fe9a2ab361e82d2f32de
SHA512

3947fc268af18cb4d7d1494e1b8dc5653111a864d6854bde35ee0563bf278d030cf30e1c9ccf142878c7c53cbf29251bc224a46ae848b3a2dbfc0cf4b6c87377
SSDEEP

3072:/Z8Qc1WFmtcHBJyQahrNzgsd2bUp/Me0k+moAvgPVkdn8wxLZ7Pk5+BWNktSaf:B8ti77ylhrFg7bUp/7oAvgyd8clTpBKi

Score

N/A

Malware Config

Signatures

Files

8f2bb3c14178db179bf972bd99ef6fa8f9f3b49b6b43fe9a2ab361e82d2f32de
.exe windows x86

8920f3559fd240cce6dba15c39dc6b64

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdiplus

GdipCreateHBITMAPFromBitmap
GdipCloneImage

kernel32

GetSystemTimeAsFileTime
SetFilePointer
AddAtomW
LCMapStringW
GetStringTypeW
GetCurrentThreadId
RaiseException
DeleteCriticalSection
FlushFileBuffers
GetModuleHandleA
LCMapStringA
InterlockedDecrement
IsBadReadPtr
LoadLibraryExA
EnumResourceNamesA
SetStdHandle
InitializeCriticalSection
GetCurrentProcess
GetCurrentProcessId
IsBadCodePtr
HeapAlloc
RegisterWaitForSingleObject
InterlockedIncrement
GetStringTypeA
GetLastError
LeaveCriticalSection
EnterCriticalSection
FlushInstructionCache
CloseHandle
SizeofResource

shell32

Shell_NotifyIconA

gdi32

CreateFontIndirectA

setupapi

CM_Get_Depth
CMP_WaitNoPendingInstallEvents
SetupDiGetDeviceRegistryPropertyW
CM_Get_DevNode_Status

Sections

.text
Size: 97KB - Virtual size: 96KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 73KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy