f126a25282ab48dae7167b23673f52269045facd067e8470aaf0e67f57c57ade | Triage

Submit
Reports

Overview

overview

Static

static

f126a25282...de.exe

windows7-x64

f126a25282...de.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

f126a25282ab48dae7167b23673f52269045facd067e8470aaf0e67f57c57ade.exe

Resource

win7-20220812-en

persistence spyware stealer upx

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

f126a25282ab48dae7167b23673f52269045facd067e8470aaf0e67f57c57ade.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

f126a25282ab48dae7167b23673f52269045facd067e8470aaf0e67f57c57ade
Size

197KB
MD5

9264f05cb6c2696a3c6a61f194e4ea1d
SHA1

aa76bf9ae2815f5db1fd3e6380dd29cfa0a6647a
SHA256

f126a25282ab48dae7167b23673f52269045facd067e8470aaf0e67f57c57ade
SHA512

ad607d313f889590d211079b0525f84061fed1e6e2ababa46590cddf8898cb31f02e1eb92b199c0077a8c8bf776f74eab77ed7f6e9836abb5e2073effd72e1b7
SSDEEP

6144:wzB1ZgFtFkfpJtqaWr08ZST9zUcN+tS4Jeif:w91yWfpJtqaWr08ZkeU+tSx

Score

N/A

Malware Config

Signatures

Files

f126a25282ab48dae7167b23673f52269045facd067e8470aaf0e67f57c57ade
.exe windows x86

f7fbf305c54e772a333856f2b9806ca4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msimg32

AlphaBlend
TransparentBlt

kernel32

SetHandleCount
EnterCriticalSection
GetLocaleInfoA
GetEnvironmentStrings
WriteFile
GetCPInfoExA
MultiByteToWideChar
GetStartupInfoA
InitializeCriticalSection
GetEnvironmentStringsW
HeapSize
QueryPerformanceCounter
DeleteCriticalSection
InterlockedExchange
RaiseException
EnumResourceNamesW
GetACP
lstrlenW
GetVersionExA
InterlockedIncrement
GetLastError
UnhandledExceptionFilter
GetThreadLocale
TlsSetValue
FreeEnvironmentStringsA
RaiseException
TlsGetValue
GetOEMCP
LeaveCriticalSection
FreeEnvironmentStringsW
GetCPInfo
GetStdHandle
GetTickCount
WideCharToMultiByte
GetFileType
GetCurrentProcessId

gdi32

SelectObject
GetTextMetricsA
GetTextExtentPointA
DeleteObject
GetDeviceCaps
CreateFontIndirectA

ole32

CoGetMalloc
CoTaskMemFree
StringFromGUID2
CoTaskMemAlloc
CoCreateInstance
CoTaskMemRealloc

Sections

.text
Size: 110KB - Virtual size: 109KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tls
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 83KB - Virtual size: 83KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 228KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy