abf8e93e3864bc54d5643b1d4cb53af1eee8215251da4cee3e65af51ec096451 | Triage

Submit
Reports

Overview

overview

8

Static

static

abf8e93e38...51.exe

windows7-x64

8

abf8e93e38...51.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

abf8e93e3864bc54d5643b1d4cb53af1eee8215251da4cee3e65af51ec096451.exe

Resource

win7-20220901-en

persistence spyware stealer upx

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

abf8e93e3864bc54d5643b1d4cb53af1eee8215251da4cee3e65af51ec096451.exe

Resource

win10v2004-20220812-en

persistence spyware stealer upx

windows10-2004-x64

4 signatures

150 seconds

General

Target

abf8e93e3864bc54d5643b1d4cb53af1eee8215251da4cee3e65af51ec096451
Size

170KB
MD5

16344342ed26b98dc967729bea0baf1e
SHA1

b3baf51453ca50be63779a2e61e7e1b8d7cc2fb2
SHA256

abf8e93e3864bc54d5643b1d4cb53af1eee8215251da4cee3e65af51ec096451
SHA512

485cfbb09b27fd093eb9ff291f65b80d22bc36dcb29dd999c61daed813b8192b0f83062d4fe70a2f309fca3e78060a194789cbc21cc22a0728a21c09fc8040ba
SSDEEP

3072:rEWNr81r/Wi8Nd4xV0PLNxR2HpjpihhoF+ewHczmYAgd01jWhN+HYvWw4sEYB:Ig81r/3+d4xGxkbN+ew8y/gQjiN+HHcE

Score

N/A

Malware Config

Signatures

Files

abf8e93e3864bc54d5643b1d4cb53af1eee8215251da4cee3e65af51ec096451
.exe windows x86

63049768e488b416a32958699bbd51e5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdiplus

GdipGetImageWidth
GdipDisposeImage

kernel32

FindResourceA
DeleteFileA
GetCalendarInfoW
SystemTimeToFileTime
HeapSize
WideCharToMultiByte
WaitForSingleObject
DeleteFileW
GetModuleFileNameA
lstrcpynW
CreateDirectoryA
lstrcpynA
IsDBCSLeadByte
ExpandEnvironmentStringsA
GetTempPathA
GetVersion
MultiByteToWideChar
ExitProcess
QueryPerformanceCounter
EnumResourceNamesA
GetNumberFormatA
GetStringTypeA
GetCurrentProcess
SetHandleCount
GetCurrentProcessId
GetFullPathNameW
InitializeCriticalSection
CompareStringA
GetCPInfo
GetLocaleInfoA
GetStringTypeW
HeapCreate
HeapDestroy
Sleep
GetStartupInfoA
GetTickCount
GetVersionExA
GetFullPathNameA

ole32

CoGetMalloc
StringFromGUID2
CoTaskMemAlloc
CoUninitialize
CoInitialize
CoTaskMemFree

Sections

.text
Size: 96KB - Virtual size: 95KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 70KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy