ee4b4ad8b6a164af2e7f7110a892cba83c2edbf828c52a99be7dfb342e30ee36 | Triage

Submit
Reports

Overview

overview

8

Static

static

ee4b4ad8b6...36.exe

windows7-x64

8

ee4b4ad8b6...36.exe

windows10-2004-x64

1

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

ee4b4ad8b6a164af2e7f7110a892cba83c2edbf828c52a99be7dfb342e30ee36.exe

Resource

win7-20220812-en

discovery persistence spyware stealer upx

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

ee4b4ad8b6a164af2e7f7110a892cba83c2edbf828c52a99be7dfb342e30ee36.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

ee4b4ad8b6a164af2e7f7110a892cba83c2edbf828c52a99be7dfb342e30ee36
Size

798KB
MD5

2c6770725d661a31f1a2b68e2e00abb0
SHA1

36885a67c6715db5f3973b62ee2fa88139bf8639
SHA256

ee4b4ad8b6a164af2e7f7110a892cba83c2edbf828c52a99be7dfb342e30ee36
SHA512

54c0384b9cf000b43ae63d6fa8747677bc244721eb6eec1b4047b882ef2a306259573e79e12d5f23f99f3120ced5900e5f2d3950e94602e50db8b1d1e007e015
SSDEEP

24576:x8GuEFhpzK/M9K6doJKhCoNMsNzlHOY4r9ej:x8GukfsM9WJK8omsNzB4ro

Score

N/A

Malware Config

Signatures

Files

ee4b4ad8b6a164af2e7f7110a892cba83c2edbf828c52a99be7dfb342e30ee36
.exe windows x86

b907fed3cb8cc6e23a0b3e98ad47c51a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

HeapDestroy
GetTickCount
CreateMutexA
AddAtomW
GetModuleHandleA
GetVersionExA
GetStdHandle
ResumeThread
SuspendThread
InterlockedExchange
CreateDirectoryA
LocalFlags
CreateFileW
CreateFileW
lstrlenA
GetCurrentThreadId
SetFilePointer
LeaveCriticalSection
OpenEventW
GetModuleFileNameA
GetLocaleInfoA
VirtualProtect
SetEvent
GetFileAttributesW
IsValidLocale

user32

SetRect
wsprintfA
PeekMessageA
IsMenu
DispatchMessageA
GetWindowLongA
LoadCursorA
MessageBoxA
GetWindowTextA
DestroyIcon
DestroyMenu
IsMenu
GetWindowLongA

dplayx

DllGetClassObject
DllCanUnloadNow
DllRegisterServer
DllUnregisterServer

advapi32

IsValidAcl

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 756KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 10B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 793KB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy