fc24e60cb8f87e60a51be19e9de3f6b13ccf63ab45f1547e68f4834e469eba7c | Triage

Submit
Reports

Overview

overview

Static

static

fc24e60cb8...7c.exe

windows7-x64

fc24e60cb8...7c.exe

windows10-2004-x64

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

fc24e60cb8f87e60a51be19e9de3f6b13ccf63ab45f1547e68f4834e469eba7c.exe

Resource

win7-20220812-en

persistence spyware stealer upx

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

fc24e60cb8f87e60a51be19e9de3f6b13ccf63ab45f1547e68f4834e469eba7c.exe

Resource

win10v2004-20220812-en

persistence spyware stealer upx

windows10-2004-x64

4 signatures

150 seconds

General

Target

fc24e60cb8f87e60a51be19e9de3f6b13ccf63ab45f1547e68f4834e469eba7c
Size

184KB
MD5

932f1a2cac2c782a17cf7591a15b4750
SHA1

7b4430cc8bfb1bb25f5d9ac1301126ccff6b6a2d
SHA256

fc24e60cb8f87e60a51be19e9de3f6b13ccf63ab45f1547e68f4834e469eba7c
SHA512

dc9b0889831f1f081955aefa038d0f040fbe29683b9eea79bea47147a3acfc70b7585c969c0913319fef6a613290cb55a19f183e0c3176268d68d6d4c5ce1ab4
SSDEEP

3072:nJqTPl1R1+BPJorz5w2Kl6HXVQDFBEwiz8vr0ymuM2u5DYIMOSLioYN17S+ZW:ib1+9urz5wsFUCRuM7FMP+ZW

Score

N/A

Malware Config

Signatures

Files

fc24e60cb8f87e60a51be19e9de3f6b13ccf63ab45f1547e68f4834e469eba7c
.exe windows x86

864902b55d3ac3daeebf1ad5dbc9bbd5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

rpcrt4

I_RpcFreeBuffer
UuidCreate

shlwapi

PathFindExtensionA

user32

IsWindow
EnableWindow
SendMessageA
CreateDialogParamA
IsDialogMessageA
MoveWindow
SetDlgItemTextA
GetDlgItem
IsDlgButtonChecked
SetWindowLongA
ShowWindow
WinHelpA
GetDlgItemTextA
CheckDlgButton
GetDialogBaseUnits
ReleaseDC
UnregisterClassA
DestroyWindow
GetDC
CharNextA

kernel32

HeapCreate
FlushInstructionCache
HeapReAlloc
HeapDestroy
VirtualAlloc
SetLastError
VirtualQuery
RtlUnwind
ExitProcess
TlsAlloc
ExitProcess
GetSystemInfo
SetLocaleInfoW
SetUnhandledExceptionFilter
IsBadWritePtr
TerminateProcess
GetProcAddress
VirtualFree
GetCommandLineA
VirtualProtect

ole32

CoTaskMemFree
CoTaskMemAlloc
CoCreateInstance
StringFromGUID2
CoTaskMemRealloc

Sections

.text
Size: 110KB - Virtual size: 109KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 70KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 256KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy