9e5b0c8f3ab0f18f688511c695ce2e49c5c5a7e068cda7b66f98ba46d33aa765 | Triage

Submit
Reports

Overview

overview

8

Static

static

9e5b0c8f3a...65.exe

windows7-x64

8

9e5b0c8f3a...65.exe

windows10-2004-x64

8

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

9e5b0c8f3ab0f18f688511c695ce2e49c5c5a7e068cda7b66f98ba46d33aa765.exe

Resource

win7-20220812-en

spyware stealer upx

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral2

Sample

9e5b0c8f3ab0f18f688511c695ce2e49c5c5a7e068cda7b66f98ba46d33aa765.exe

Resource

win10v2004-20220812-en

spyware stealer upx

windows10-2004-x64

3 signatures

150 seconds

General

Target

9e5b0c8f3ab0f18f688511c695ce2e49c5c5a7e068cda7b66f98ba46d33aa765
Size

186KB
MD5

936cd345c9aab72d8d2ca4d2dccc7680
SHA1

340bfe3a4ef8cd67a7e75c58e4aa7edc31f22282
SHA256

9e5b0c8f3ab0f18f688511c695ce2e49c5c5a7e068cda7b66f98ba46d33aa765
SHA512

4d31d61406e3d4a1b8f112377589798b5c54d00bb2ae7574ef0588c44a626c39c27ddb8f07557371cc7b9dc2a8a3acafb3cd86b5aafc3b7d979af909be9ef7a5
SSDEEP

3072:4gLSGDkSWvpfCoz3CmEeY7bpt/W1WYpUuJt8ZfHuvb9iAVu4HdN6HiL1yC/s:tY1BzSmEeY/rWIHat8Zmb9tVvb5xy

Score

N/A

Malware Config

Signatures

Files

9e5b0c8f3ab0f18f688511c695ce2e49c5c5a7e068cda7b66f98ba46d33aa765
.exe windows x86

1f4f119375e5fa15ec56fb28f5aef184

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalGetAtomNameA
VirtualAlloc
IsValidCodePage
GetConsoleOutputCP
HeapReAlloc
RtlUnwind
GetTimeFormatA
GetLocaleInfoA
GetDateFormatA
GetACP
MultiByteToWideChar
TlsSetValue
EnumResourceNamesA
GetOEMCP
GetModuleHandleW
TlsAlloc
HeapSize
SetStdHandle
WriteConsoleA
TlsGetValue
SetFilePointer
GetCPInfo
RaiseException

occache

FindControlClose

shell32

SHGetFolderLocation
DragAcceptFiles
SHGetSpecialFolderLocation
ShellExecuteW
SHGetMalloc
SHBrowseForFolderW
SHGetPathFromIDListW
ShellExecuteExW
SHGetDesktopFolder
SHAppBarMessage
SHGetFileInfoW
Shell_NotifyIconW

Sections

.text
Size: 88KB - Virtual size: 231KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 95KB - Virtual size: 95KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy