2219c1e3c1700dcd8e90a9f19d551fb8d3a1cb42fcc1b5914973f5a44228ca3a | Triage

Submit
Reports

Overview

overview

Static

static

2219c1e3c1...3a.exe

windows7-x64

2219c1e3c1...3a.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

2219c1e3c1700dcd8e90a9f19d551fb8d3a1cb42fcc1b5914973f5a44228ca3a.exe

Resource

win7-20220812-en

persistence spyware stealer upx

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

2219c1e3c1700dcd8e90a9f19d551fb8d3a1cb42fcc1b5914973f5a44228ca3a.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

2219c1e3c1700dcd8e90a9f19d551fb8d3a1cb42fcc1b5914973f5a44228ca3a
Size

177KB
MD5

9295854d628959811b23287eae699ed5
SHA1

adf77f17ac1c24c9c05bee68d0a4225b79d4721a
SHA256

2219c1e3c1700dcd8e90a9f19d551fb8d3a1cb42fcc1b5914973f5a44228ca3a
SHA512

eabda9896f79f226f7563f48fdb4cda97e7f96ff1557df5c9932f096109f2b6cf9dedbc9939ebdd5e812bfa9c13f162c36a563587b108dda15ce3b79c66fd468
SSDEEP

3072:utCn1R0JAzjZflv9NZgTlVHk7rgW9qKzeblYtnsEcMwnhuh07it5SgGF9j+SbVL:oCnYqzj5NeTlGkseBYtscwnhurGF9j+m

Score

N/A

Malware Config

Signatures

Files

2219c1e3c1700dcd8e90a9f19d551fb8d3a1cb42fcc1b5914973f5a44228ca3a
.exe windows x86

6f73a05efb2c63475f1ea4e680acabb2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InterlockedExchange
WriteFile
DeleteCriticalSection
GetLastError
GetOEMCP
GetCPInfoExW
InterlockedIncrement
LeaveCriticalSection
HeapSize
TlsSetValue
GetVersionExA
UnhandledExceptionFilter
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsA
EnumResourceTypesA
QueryPerformanceCounter
RaiseException
GetTickCount
SetHandleCount
GetStartupInfoA
FreeEnvironmentStringsW
TlsGetValue
GetEnvironmentStringsW
MultiByteToWideChar
GetACP
EnterCriticalSection
lstrlenW
GetLocaleInfoA
GetCPInfo
GetEnvironmentStringsW
GetFileType
GetStdHandle
GetThreadLocale
InitializeCriticalSection
GetCurrentProcessId

msimg32

AlphaBlend
TransparentBlt

ole32

CoGetMalloc
StringFromGUID2
CoTaskMemFree
CoCreateInstance
CoTaskMemAlloc
CoTaskMemRealloc

gdi32

SelectObject
DeleteObject
GetTextMetricsA
GetDeviceCaps
GetTextExtentPointA
CreateFontIndirectA

Sections

.text
Size: 104KB - Virtual size: 103KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tls
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 70KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 256KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy