893aebb192b864f043071965c9aceb1ee075c6e2ecefd71febb4cb15dc097039 | Triage

Submit
Reports

Overview

overview

8

Static

static

893aebb192...39.exe

windows7-x64

8

893aebb192...39.exe

windows10-2004-x64

1

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

893aebb192b864f043071965c9aceb1ee075c6e2ecefd71febb4cb15dc097039.exe

Resource

win7-20220812-en

discovery persistence spyware stealer upx

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

893aebb192b864f043071965c9aceb1ee075c6e2ecefd71febb4cb15dc097039.exe

Resource

win10v2004-20220901-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

893aebb192b864f043071965c9aceb1ee075c6e2ecefd71febb4cb15dc097039
Size

813KB
MD5

bdf4a544bdefd6f81a49b2ae25dec964
SHA1

b0fb894dcfcbc52aad1a9c665a50d706975a7065
SHA256

893aebb192b864f043071965c9aceb1ee075c6e2ecefd71febb4cb15dc097039
SHA512

68c7d9c2cf2521147e05c90ab6a8f7893d13389f15253ede38645d083fd83ba298cddacc258ddd074ee2a8287d921ebef914b686221dbf4591c5236a22d0bb1e
SSDEEP

24576:vsMs11UTwrVuOMfHnDoConjVhgTozbv0vrg:vsrks50cCojVGk8

Score

N/A

Malware Config

Signatures

Files

893aebb192b864f043071965c9aceb1ee075c6e2ecefd71febb4cb15dc097039
.exe windows x86

07aacc4059451874944a6ec655bf327b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetShortPathNameW
CreateEventW
WriteConsoleW
lstrcpyA
GetCurrentProcess
SetCurrentDirectoryA
GetPrivateProfileIntW
GetTickCount
HeapCreate
WriteConsoleA
HeapFree
GetConsoleTitleA
CreateMutexW
SetVolumeLabelA
GetStringTypeA
GetVolumePathNameW
SetEnvironmentVariableA
LoadLibraryA
SetStdHandle

aaclient

LoadClientAdapter
OpenKeyReader
OpenKeyReaderWriter
g_fnStartTransport

Sections

.CODE
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.kdata
Size: 1024B - Virtual size: 710B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.fdata
Size: 801KB - Virtual size: 3.7MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy