b525a5fb42aeeb988daca786e09f6c322b4f9a22250e06768e082917a339a064 | Triage

Submit
Reports

Overview

overview

Static

static

b525a5fb42...64.exe

windows7-x64

b525a5fb42...64.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

b525a5fb42aeeb988daca786e09f6c322b4f9a22250e06768e082917a339a064.exe

Resource

win7-20220812-en

persistence spyware stealer upx

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

b525a5fb42aeeb988daca786e09f6c322b4f9a22250e06768e082917a339a064.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

b525a5fb42aeeb988daca786e09f6c322b4f9a22250e06768e082917a339a064
Size

192KB
MD5

096b1ffd2a58227ab3c9ecfc08125fe0
SHA1

51f968a3ea0e94b79b3913afb535d1832eefd2d0
SHA256

b525a5fb42aeeb988daca786e09f6c322b4f9a22250e06768e082917a339a064
SHA512

675d2db780d7efeea6a14b0c07c817f01408a18055e3137a19968912d61ad4ccbb1ecab960080e782616cd2700789f3e032a20e85e5838c1224c4779f1495704
SSDEEP

3072:l00I/0maej2yDUQwSt9uCYRpjQSvfuGoyfE/jXMcKRXEQo+3txpYwcvDhCgHqeog:ZIMTej2yVwSt9uZRpjQSvfuGCL8cKuQK

Score

N/A

Malware Config

Signatures

Files

b525a5fb42aeeb988daca786e09f6c322b4f9a22250e06768e082917a339a064
.exe windows x86

4e4ea8299e49a9308c0a2944ae969f93

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FlushFileBuffers
CreateFileA
CreateEventW
GetEnvironmentStringsW
LoadLibraryA
GetModuleFileNameW
SetProcessAffinityMask
GetACP
TerminateThread
ReadFile
GetStringTypeW
OutputDebugStringW
GetLocaleInfoA
CreateProcessW
GetStringTypeA
GetConsoleOutputCP
Sleep
GlobalLock
GetOEMCP
InterlockedDecrement
WaitForSingleObject
LCMapStringW
EnumResourceTypesA
FreeEnvironmentStringsW
SetStdHandle
WriteConsoleW
WriteConsoleA
GetSystemTimeAsFileTime
WriteFile
DeleteCriticalSection
QueryPerformanceCounter
CreateHardLinkA
LCMapStringA
IsValidCodePage
InterlockedIncrement
GetEnvironmentStrings
SetEndOfFile
CreateFileW
GetCPInfo
GlobalAlloc
GlobalUnlock

imm32

ImmAssociateContext

ole32

GetHGlobalFromILockBytes
CoInitializeSecurity
CoQueryProxyBlanket
CoTaskMemFree
CoUninitialize
CoCreateInstance
CoInitializeEx
CoSetProxyBlanket
StringFromGUID2

Sections

.text
Size: 117KB - Virtual size: 117KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tls
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 71KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 248KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy