6f3015ef3d36779258b4630895e84b9f099176c8d2b1c09667a39dc099b73ed6 | Triage

Submit
Reports

Overview

overview

8

Static

static

6f3015ef3d...d6.exe

windows7-x64

8

6f3015ef3d...d6.exe

windows10-2004-x64

1

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

6f3015ef3d36779258b4630895e84b9f099176c8d2b1c09667a39dc099b73ed6.exe

Resource

win7-20220812-en

discovery persistence spyware stealer upx

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

6f3015ef3d36779258b4630895e84b9f099176c8d2b1c09667a39dc099b73ed6.exe

Resource

win10v2004-20220901-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

6f3015ef3d36779258b4630895e84b9f099176c8d2b1c09667a39dc099b73ed6
Size

805KB
MD5

84ee6f1f470fee94496eef2e004b7c30
SHA1

283914a62ddfb9371fb807360bc7b00bd23323c6
SHA256

6f3015ef3d36779258b4630895e84b9f099176c8d2b1c09667a39dc099b73ed6
SHA512

936e6d865e6469072e2625c9b346bc842810ac291dcae85005a0c77e350a34686a69a48c00e6e994116f7c18d0a9f063b359a238d2d8f8d67273675b310b368c
SSDEEP

24576:qBuw/xw85gPfTcFMjh3aP5JmGhdYgDB2pcDD+e2o:qUgxET0MjoRJCGYpve2o

Score

N/A

Malware Config

Signatures

Files

6f3015ef3d36779258b4630895e84b9f099176c8d2b1c09667a39dc099b73ed6
.exe windows x86

ee0581c6cfc6dd9f28af977cac1706cc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

OpenMutexW
PulseEvent
HeapDestroy
GlobalFlags
CreateFileW
CreateFileW
LeaveCriticalSection
IsValidLocale
GetTickCount
GetVolumePathNameA
GetFileAttributesW
OpenEventW
VirtualProtectEx
CreateDirectoryA
DeleteFileW
GetModuleHandleA
InterlockedExchange
DeleteFileW
AddAtomA
GetDriveTypeW
GetCurrentThreadId
GetModuleFileNameA
lstrlenA
SetFileTime
SetFilePointer

user32

DispatchMessageA
GetWindowLongA
DestroyIcon
wsprintfA
SetRect
IsMenu
GetWindowTextA
SetFocus
DestroyMenu
MessageBoxA
PeekMessageA
GetWindowLongA
LoadCursorA

dmdskmgr

?namecmp@@YGHPBG0@Z
DllCanUnloadNow
DllRegisterServer
DllGetClassObject

advapi32

IsValidAcl

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 795KB - Virtual size: 2.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy