83003f0fd750f661d9f801627e0554a87ede4d593d7b20e1aaf596da1aed4cf5 | Triage

Submit
Reports

Overview

overview

8

Static

static

83003f0fd7...f5.exe

windows7-x64

8

83003f0fd7...f5.exe

windows10-2004-x64

1

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

83003f0fd750f661d9f801627e0554a87ede4d593d7b20e1aaf596da1aed4cf5.exe

Resource

win7-20220901-en

discovery persistence spyware stealer upx

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

83003f0fd750f661d9f801627e0554a87ede4d593d7b20e1aaf596da1aed4cf5.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

83003f0fd750f661d9f801627e0554a87ede4d593d7b20e1aaf596da1aed4cf5
Size

811KB
MD5

2528f679e907f47ad16b21c80a3541d1
SHA1

f94a191995be34b62824515ad1fbab99e73d6ccb
SHA256

83003f0fd750f661d9f801627e0554a87ede4d593d7b20e1aaf596da1aed4cf5
SHA512

5d29cadec99a3d35796e1536c978db06dcf075b89e59fe68f2e897942971af7bd2d4d0a0624171c90d52719d67abac43fd472836bf6a973581b8d04b4545257c
SSDEEP

24576:UaESzLWqOFMApOCwxLarYk6X5M72LIeH6Xn:LtzaqOFMfCwxL3Xy74W

Score

N/A

Malware Config

Signatures

Files

83003f0fd750f661d9f801627e0554a87ede4d593d7b20e1aaf596da1aed4cf5
.exe windows x86

ba3d86625477bd56feec66342d156649

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleFileNameA
GetFileTime
LocalLock
CreateFileA
DeleteFileA
EnterCriticalSection
GetModuleHandleA
GetStartupInfoA
GetCurrentThreadId
FindClose
GetConsoleMode
InitializeCriticalSection
LeaveCriticalSection
RemoveDirectoryA
TlsGetValue
VirtualProtectEx
WriteConsoleW
CloseHandle
GlobalFree
GetProcessHeap
GetDriveTypeA
CreateDirectoryA
Sleep
GetLocalTime
GetCalendarInfoW

user32

PeekMessageA
wsprintfA
EqualRect
GetSysColor
GetKeyState
GetWindowLongA
GetWindowDC
DispatchMessageA
GetWindowLongA
MessageBoxA
IsWindowVisible
FillRect
IsWindowEnabled

cryptnet

CryptGetTimeValidObject
LdapProvOpenStore
CryptGetObjectUrl
CertDllVerifyCTLUsage

advapi32

IsValidSid

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 800KB - Virtual size: 2.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2024

Terms | Privacy