f0fa0602ac17aaef7097312ab2a40c0effad16bb5759935ce15eeba45bdef02d | Triage

Submit
Reports

Overview

overview

8

Static

static

f0fa0602ac...2d.exe

windows7-x64

8

f0fa0602ac...2d.exe

windows10-2004-x64

3

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

f0fa0602ac17aaef7097312ab2a40c0effad16bb5759935ce15eeba45bdef02d.exe

Resource

win7-20220812-en

discovery persistence spyware stealer upx

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

f0fa0602ac17aaef7097312ab2a40c0effad16bb5759935ce15eeba45bdef02d.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

f0fa0602ac17aaef7097312ab2a40c0effad16bb5759935ce15eeba45bdef02d
Size

799KB
MD5

2318691f674581d9951472c775dd4de6
SHA1

275a9afa35f2a80c39f2ffcd3d73242f1fe15e28
SHA256

f0fa0602ac17aaef7097312ab2a40c0effad16bb5759935ce15eeba45bdef02d
SHA512

6cbabe9365a87a1c630b72bee8b64e3c41fab356115ea43632cfa8498e8c66e2fa0848f8f177eb80310cbe64c0c12efd088be62cf76c7a4cc506aa0d0e979664
SSDEEP

24576:Nz2X83ITd67IEqIO1bSOg0oqGBKi0cfDiHKvceNh:NCX83q67jw12sVGZ0GDi9eNh

Score

N/A

Malware Config

Signatures

Files

f0fa0602ac17aaef7097312ab2a40c0effad16bb5759935ce15eeba45bdef02d
.exe windows x86

02c4cc14360fb175d9aed957868a3337

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetFileAttributesA
WriteFile
VirtualProtect
GetCommandLineA
HeapSize
IsBadReadPtr
ResumeThread
GetStdHandle
DeleteFileA
GetLocaleInfoA
ResumeThread
CreateDirectoryA
GetProcessHeap
SuspendThread
SetLocalTime
GetPriorityClass
GetDriveTypeA
ReadConsoleW
GlobalSize
CreatePipe
GetModuleHandleA

user32

DispatchMessageA
SetRect
DestroyIcon
GetWindowLongA
DestroyMenu
wsprintfA
GetMessageA
LoadCursorA
PeekMessageA
GetWindowLongA
SetCursor
GetWindowTextW
DrawIcon

els

DllRegisterServer
DllUnregisterServer
DllGetClassObject
DllUnregisterServer

rasapi32

DwCloneEntry

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 692KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 793KB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy