ddfc1c88e23f2c6b5559ef1d40376d8d7815b27a15547a75dd704accb08043eb | Triage

Submit
Reports

Overview

overview

8

Static

static

ddfc1c88e2...eb.exe

windows7-x64

8

ddfc1c88e2...eb.exe

windows10-2004-x64

3

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

ddfc1c88e23f2c6b5559ef1d40376d8d7815b27a15547a75dd704accb08043eb.exe

Resource

win7-20220812-en

discovery persistence spyware stealer upx

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

ddfc1c88e23f2c6b5559ef1d40376d8d7815b27a15547a75dd704accb08043eb.exe

Resource

win10v2004-20220901-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

ddfc1c88e23f2c6b5559ef1d40376d8d7815b27a15547a75dd704accb08043eb
Size

830KB
MD5

2070085e565898fcd1fa266dd60961f6
SHA1

4e31165e731a98f12758be58ae844bc708a7e08e
SHA256

ddfc1c88e23f2c6b5559ef1d40376d8d7815b27a15547a75dd704accb08043eb
SHA512

4d69d546f72a207d1e9813aa39dec525732bdf962656f2c30c6b422e63a8ec15a3e5b39b7a170ebee50d1deeea5f1e93f5a4d2d78f1b7bad46042ff83aa1c8f3
SSDEEP

12288:Ym3bfgX6Uk2+X6ezb3UsnECFUfFNoBtydXfRBDJtI+8sweAXdROyaMl7:B3LgX9TClzFuN8yRR5JSzsAXdMy/

Score

N/A

Malware Config

Signatures

Files

ddfc1c88e23f2c6b5559ef1d40376d8d7815b27a15547a75dd704accb08043eb
.exe windows x86

4e05c2bb301ebb9356cfced5d26d0b1c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetFullPathNameA
GetCommandLineA
GetConsoleAliasA
CreateSemaphoreW
GetModuleHandleA
GetDiskFreeSpaceA
GetLocaleInfoW
WaitForSingleObject
CompareStringW
GetStdHandle
ResumeThread
MoveFileExA
OpenMutexA
EnumCalendarInfoW
GetCurrentProcess
HeapCreate
CreateEventA

hnetcfg

HNetGetSharingServicesPage
HNetDeleteRasConnection
HNetFreeSharingServicesPage
HNetGetFirewallSettingsPage

Sections

.text
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_MEM_WRITE

.adata
Size: 813KB - Virtual size: 2.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy