e0b97b733061a591287b6d1154f563e0e1e4244e5e3aa1f914b49e33edac186b | Triage

Submit
Reports

Overview

overview

8

Static

static

e0b97b7330...6b.exe

windows7-x64

8

e0b97b7330...6b.exe

windows10-2004-x64

3

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

e0b97b733061a591287b6d1154f563e0e1e4244e5e3aa1f914b49e33edac186b.exe

Resource

win7-20220812-en

discovery persistence spyware stealer upx

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

e0b97b733061a591287b6d1154f563e0e1e4244e5e3aa1f914b49e33edac186b.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

e0b97b733061a591287b6d1154f563e0e1e4244e5e3aa1f914b49e33edac186b
Size

800KB
MD5

465cb149156ea9c0a94ae2c02b73ff26
SHA1

be3a233e1d3475075a87e0c7f68e1ff2362d96d4
SHA256

e0b97b733061a591287b6d1154f563e0e1e4244e5e3aa1f914b49e33edac186b
SHA512

2d0fafba41c2b102f50159690781e04756c2a62bf7637a01d108572df307fb9c67e25f5bac401e49f266250a3a6ead4abb7aa18e6952b6bd02363d6a68fe4bd6
SSDEEP

24576:X+I+vDDBc/qpsOI65pMIx49BWiyE2ME7ri1Vs+:OXDK/iRIGx9Emrio+

Score

N/A

Malware Config

Signatures

Files

e0b97b733061a591287b6d1154f563e0e1e4244e5e3aa1f914b49e33edac186b
.exe windows x86

e417f750a83aa71de31e689caa3c08ce

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

MapViewOfFile
CreateDirectoryW
IsValidCodePage
FindResourceW
GetModuleHandleA
GetLocaleInfoW
LocalLock
GetCurrentProcess
SetLastError
GetExitCodeThread
GetFileAttributesA
GetStringTypeA
FindClose
SuspendThread
TlsGetValue
RemoveDirectoryW
VirtualProtect
SetPriorityClass
GetTickCount
GetFileAttributesA
HeapFree

user32

GetWindowLongW
SetFocus
IsWindow
GetWindowTextW
wsprintfW
IsDialogMessageA
LoadImageW
DispatchMessageA
LoadCursorA
SetCursor
LoadStringW
PeekMessageW
PostMessageW

msctf

DllCanUnloadNow
DllUnregisterServer
TF_InitSystem
DllUnregisterServer

rasapi32

DwRasUninitialize

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 699KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 789KB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.import
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2024

Terms | Privacy