ac3127842d5fce678a8f99f0aa5189c22a20024d3bbbb01087b6467222d3d07c | Triage

Submit
Reports

Overview

overview

8

Static

static

ac3127842d...7c.exe

windows7-x64

8

ac3127842d...7c.exe

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

ac3127842d5fce678a8f99f0aa5189c22a20024d3bbbb01087b6467222d3d07c.exe

Resource

win7-20220901-en

discovery persistence spyware stealer upx

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

ac3127842d5fce678a8f99f0aa5189c22a20024d3bbbb01087b6467222d3d07c.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

ac3127842d5fce678a8f99f0aa5189c22a20024d3bbbb01087b6467222d3d07c
Size

799KB
MD5

288a3670dbd6fdcec0e3cf722651d7b1
SHA1

a8892649a671cbd2c3d4359c7c7ad368c8bbd80e
SHA256

ac3127842d5fce678a8f99f0aa5189c22a20024d3bbbb01087b6467222d3d07c
SHA512

6b904147d55cc88b5cf1b129ab497c9a2510c47490280a31c57a9a44cea04319b743521413c219f01208b887fb7db6021f3eac707f9c062c9fd2d98bae5a284b
SSDEEP

24576:6fLZ5+oUS0GhK6v13tFp8yuQbGtMKRQEv:6l4S0GP13tVGtfRz

Score

N/A

Malware Config

Signatures

Files

ac3127842d5fce678a8f99f0aa5189c22a20024d3bbbb01087b6467222d3d07c
.exe windows x86

5f067d920e4537f0eaa5c38b7863b0ce

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetCurrentThreadId
LeaveCriticalSection
ResumeThread
SetFilePointer
InterlockedExchange
GetModuleFileNameA
GetFileAttributesW
CreateDirectoryA
VirtualProtect
GetStdHandle
SetEvent
SuspendThread
OpenEventW
GetLocaleInfoA
GetModuleHandleA
GetVersionExA
CreateMutexW
HeapDestroy
LocalFlags
IsValidLocale
AddAtomW
lstrlenA
CreateFileW
GetTickCount
CreateFileW

user32

IsMenu
DestroyMenu
DestroyIcon
GetWindowLongA
GetWindowTextA
MessageBoxW
GetWindowLongA
SetRect
LoadCursorA
PeekMessageA
DispatchMessageA
IsMenu
wsprintfA

dpnet

DllUnregisterServer
DllRegisterServer
DllGetClassObject
DllCanUnloadNow

advapi32

IsValidAcl

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 692KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 793KB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy