d66972fb5c22442a79d6f72c0f59588626d961c0b5334ba0c31ac277627a3067 | Triage

Submit
Reports

Overview

overview

8

Static

static

d66972fb5c...67.exe

windows7-x64

8

d66972fb5c...67.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

d66972fb5c22442a79d6f72c0f59588626d961c0b5334ba0c31ac277627a3067.exe

Resource

win7-20220812-en

discovery persistence spyware stealer upx

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

d66972fb5c22442a79d6f72c0f59588626d961c0b5334ba0c31ac277627a3067.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

d66972fb5c22442a79d6f72c0f59588626d961c0b5334ba0c31ac277627a3067
Size

797KB
MD5

5679cac685b9bd83ce5c24a585eab350
SHA1

5e4ff610feaa98f50c93c33ee28f0f583822ea53
SHA256

d66972fb5c22442a79d6f72c0f59588626d961c0b5334ba0c31ac277627a3067
SHA512

907d96bbdb31221192f9d7a3c6b0d5fa42164225dda4fb8fb21de8af6677c2df76b228fba5b33727a2c6fb5b6256131351b0212056bf3c8dbedae4823c2c4efa
SSDEEP

24576:uQ6eVtNlkqpp5zsNJ8+ee7dqoG+hyo0LrI:uQ68FkqfuNJ8UqlIvMr

Score

N/A

Malware Config

Signatures

Files

d66972fb5c22442a79d6f72c0f59588626d961c0b5334ba0c31ac277627a3067
.exe windows x86

bd98dabe68e353673f026ab45d6d01fb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GlobalLock
GetFileAttributesW
GetPrivateProfileSectionA
CloseHandle
RemoveDirectoryW
LocalFlags
SetLastError
GetStringTypeA
HeapFree
GetCurrentProcess
SetCommBreak
GetFileAttributesW
DeviceIoControl
CreateEventA
CreateDirectoryW
GetVersionExA
GetModuleHandleA
GetCurrentThread
VirtualProtectEx
FindClose
GetPrivateProfileIntA

user32

LoadCursorW
GetWindowTextW
DispatchMessageA
GrayStringA
IsDialogMessageA
IsWindow
SetFocus
PeekMessageW
SetCursorPos
IsZoomed
GetWindowLongW
wsprintfW
PostMessageW

mswsock

GetNameByTypeA
GetServiceA
getnetbyname
GetAddressByNameA

ntshrui

IsPathSharedA

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 699KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 789KB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.import
Size: 512B - Virtual size: 384B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy