6e389c71dc2a70bfb59f2010c39da4ff244dbc9c930feaeabcfe59cc50dda54e | Triage

Submit
Reports

Overview

overview

8

Static

static

6e389c71dc...4e.exe

windows7-x64

8

6e389c71dc...4e.exe

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

6e389c71dc2a70bfb59f2010c39da4ff244dbc9c930feaeabcfe59cc50dda54e.exe

Resource

win7-20220812-en

discovery persistence spyware stealer upx

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

6e389c71dc2a70bfb59f2010c39da4ff244dbc9c930feaeabcfe59cc50dda54e.exe

Resource

win10v2004-20220901-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

6e389c71dc2a70bfb59f2010c39da4ff244dbc9c930feaeabcfe59cc50dda54e
Size

799KB
MD5

de9ee3a13df0d1fcc69ba3996a5f4436
SHA1

14da6b52c53a671a77490355c846929c38ed2a49
SHA256

6e389c71dc2a70bfb59f2010c39da4ff244dbc9c930feaeabcfe59cc50dda54e
SHA512

f9b6f1c8b7efc93de01e6f88afa582ea19214652dfb6b3cda547e589962213fca8707cc0d568bb8ad9fae0a4d8210afa80f07feeeba73ef96833b9533f186b08
SSDEEP

24576:c7+oh+w3UyXUCVJ+p11+ljhp+AtRsNTTm0oUdH:c7NhOyECVa11qjhoKP3c

Score

N/A

Malware Config

Signatures

Files

6e389c71dc2a70bfb59f2010c39da4ff244dbc9c930feaeabcfe59cc50dda54e
.exe windows x86

54504a383344a875edd7c135922d4214

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

HeapSize
HeapDestroy
GetModuleFileNameA
GetCurrentThreadId
GetModuleHandleA
GetStdHandle
SuspendThread
IsValidLocale
CreateFileW
CreateMutexW
GetVersionExA
GetFileAttributesW
LeaveCriticalSection
SetFilePointer
GetLocaleInfoA
CreateFileW
GlobalSize
ResumeThread
GetProcessHeap
SetEvent
VirtualProtect
lstrlenA
CreateDirectoryA
IsBadReadPtr
GetPriorityClass

user32

LoadCursorA
MessageBoxW
wsprintfA
GetWindowLongA
GetWindowLongA
DestroyMenu
DrawIcon
PeekMessageA
DestroyIcon
SetRect
DispatchMessageA
GetWindowTextA
SetCursor

dpnet

DllRegisterServer
DllUnregisterServer
DllGetClassObject
DllCanUnloadNow

advapi32

IsValidAcl

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 692KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 793KB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy