0ac725fa6824696a74800681db19b94b5878ade4d5e079c562a8b52b71eb88e6 | Triage

Submit
Reports

Overview

overview

8

Static

static

0ac725fa68...e6.exe

windows7-x64

8

0ac725fa68...e6.exe

windows10-2004-x64

1

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

0ac725fa6824696a74800681db19b94b5878ade4d5e079c562a8b52b71eb88e6.exe

Resource

win7-20220812-en

discovery persistence spyware stealer upx

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

0ac725fa6824696a74800681db19b94b5878ade4d5e079c562a8b52b71eb88e6.exe

Resource

win10v2004-20220901-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

0ac725fa6824696a74800681db19b94b5878ade4d5e079c562a8b52b71eb88e6
Size

831KB
MD5

5921c52542b4d761a8d95eb5e2bdcbf0
SHA1

53b8272f5f50500df2dc0572a6b3b23b061cebf3
SHA256

0ac725fa6824696a74800681db19b94b5878ade4d5e079c562a8b52b71eb88e6
SHA512

bf36dd2abe0be62c7c90f4417a41b9361f48739a4ba6048e39bf2237fffee43b200fb2a0ec76795caf6fb45ecd637daabcc7839469867865ed3a93d5fd26fa61
SSDEEP

24576:oPdJDu5DxkXIQEoh8ndaobyBznwg/yf+jVKYJ:oPdMkXItswJAK

Score

N/A

Malware Config

Signatures

Files

0ac725fa6824696a74800681db19b94b5878ade4d5e079c562a8b52b71eb88e6
.exe windows x86

f53ca63a2c20862536974bfff8b832f8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

WriteConsoleW
GetTimeFormatW
HeapFree
VirtualProtect
lstrcatW
OpenEventW
GetTickCount
GetModuleHandleA
lstrlenA
GetPrivateProfileIntA
GetShortPathNameW
GetDiskFreeSpaceA
GetStringTypeA
GetDriveTypeW
GetVolumeInformationW
CreateMutexA
CreateEventA
SetStdHandle
SetEnvironmentVariableA

msftedit

RichListBoxWndProc
RichComboBoxWndProc
RichEditWndProc
REExtendedRegisterClass

Sections

.CODE
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2.9MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.udata
Size: 803KB - Virtual size: 802KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ydata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2024

Terms | Privacy