d00fa2c59db72dd03ea5b6f16537dd6b06ffeae83f835ee726baa636a9d83b2b | Triage

Submit
Reports

Overview

overview

8

Static

static

d00fa2c59d...2b.exe

windows7-x64

8

d00fa2c59d...2b.exe

windows10-2004-x64

3

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

d00fa2c59db72dd03ea5b6f16537dd6b06ffeae83f835ee726baa636a9d83b2b.exe

Resource

win7-20220812-en

discovery persistence spyware stealer upx

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

d00fa2c59db72dd03ea5b6f16537dd6b06ffeae83f835ee726baa636a9d83b2b.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

d00fa2c59db72dd03ea5b6f16537dd6b06ffeae83f835ee726baa636a9d83b2b
Size

810KB
MD5

291ac38723374821ab9f32ab2f896f11
SHA1

c502cc2d8c0931f2fb715ee164bb68c9d09a3696
SHA256

d00fa2c59db72dd03ea5b6f16537dd6b06ffeae83f835ee726baa636a9d83b2b
SHA512

57e6f5d364102882268d4fdc968c920d25529b4371124fde5334c747c16b7cf17ec438d4bb3710a094eeaa78be9b09da10d032e2e7277d88c53ddd425103bb14
SSDEEP

24576:BfI8OCLwCW7n6ergPz79TuxeDSQghNY2ToKtNy6:BrwCqnTiz7Ux4wNYxT

Score

N/A

Malware Config

Signatures

Files

d00fa2c59db72dd03ea5b6f16537dd6b06ffeae83f835ee726baa636a9d83b2b
.exe windows x86

1fe72a7f6b9c630bda8194d1073e40ec

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetLastError
SetLastError
SetLastError
SetLastError
SetLastError
GetFullPathNameW
lstrcpyA
SetLastError
VirtualProtectEx
GetModuleHandleA
OpenMutexA
MoveFileW
CreateSemaphoreW
GetTickCount
GetLogicalDriveStringsA
SetCurrentDirectoryA

riched20

RichEditANSIWndProc
RichEdit10ANSIWndProc
IID_IRichEditOle
IID_ITextHost

Sections

.code
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.vdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_WRITE

.ndata
Size: 800KB - Virtual size: 2.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy