a5ff4f4497622674a097be478471d16862513aebdf856c6344976ec50d4f437a | Triage

Submit
Reports

Overview

overview

8

Static

static

a5ff4f4497...7a.exe

windows7-x64

8

a5ff4f4497...7a.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

a5ff4f4497622674a097be478471d16862513aebdf856c6344976ec50d4f437a.exe

Resource

win7-20220812-en

discovery persistence spyware stealer upx

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

a5ff4f4497622674a097be478471d16862513aebdf856c6344976ec50d4f437a.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

a5ff4f4497622674a097be478471d16862513aebdf856c6344976ec50d4f437a
Size

799KB
MD5

93a2c505ca92877146b8b3ce0d269180
SHA1

ad5da5eea4446645af296b8dd768e7f71df54d4f
SHA256

a5ff4f4497622674a097be478471d16862513aebdf856c6344976ec50d4f437a
SHA512

ea129acc34c9c7ba3aae7ec955117fdbc7c4d7afc69e81e220d1bfce95231b947ff878752a8670001cb2b8e99a589d85a5a26caf330d8c3e182049bc387f3b49
SSDEEP

24576:TwT4EzfPcBxns4TIIePqBr54tFDCM4e5:TwTLfPuBs4TIIePESDt4

Score

N/A

Malware Config

Signatures

Files

a5ff4f4497622674a097be478471d16862513aebdf856c6344976ec50d4f437a
.exe windows x86

f22aa9ee7a370590be1ae1e66505f9c0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleFileNameA
GetVersionExA
ResumeThread
CreateDirectoryA
GetProcessHeap
GetCurrentThreadId
HeapSize
IsValidLocale
GetPriorityClass
SetFilePointer
CreateMutexW
VirtualProtect
SetEvent
GetStdHandle
GetFileAttributesW
GlobalSize
CreateFileW
lstrlenA
CreateFileW
HeapDestroy
LeaveCriticalSection
GetModuleHandleA
GetLocaleInfoA
IsBadReadPtr
SuspendThread

user32

DestroyMenu
SetCursor
SetRect
GetWindowLongA
wsprintfA
LoadCursorA
GetWindowTextA
DestroyIcon
DispatchMessageA
GetWindowLongA
DrawIcon
PeekMessageA
GetScrollInfo

duser

GetGadgetFocus
GetDebug
GetGadgetRect
GetGadget

advapi32

IsValidAcl

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 692KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 793KB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy