42b986b7c4bd0ab171e524aae821a744dee91f2b06f44c6ceeb2b6a83e258abb | Triage

Submit
Reports

Overview

overview

8

Static

static

42b986b7c4...bb.exe

windows7-x64

8

42b986b7c4...bb.exe

windows10-2004-x64

3

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

42b986b7c4bd0ab171e524aae821a744dee91f2b06f44c6ceeb2b6a83e258abb.exe

Resource

win7-20220901-en

discovery persistence spyware stealer upx

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

42b986b7c4bd0ab171e524aae821a744dee91f2b06f44c6ceeb2b6a83e258abb.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

42b986b7c4bd0ab171e524aae821a744dee91f2b06f44c6ceeb2b6a83e258abb
Size

810KB
MD5

11c2501ed8f50c7113814e1bec8ccf9c
SHA1

1f25ba492099c97ed45b60b29ed0632e5656d01e
SHA256

42b986b7c4bd0ab171e524aae821a744dee91f2b06f44c6ceeb2b6a83e258abb
SHA512

b6fe7fdccf311e48125643544294a2c1d6d85f32642f15ad8b54a3ac1eca17792ab5b1b658506ddb6f49042231c55797f4e7ee9bb2203fe0aea50042c660fa37
SSDEEP

12288:RCgoI8i71zWH+MjB6VgyFNA37IJJ0BMQD1xrgvV5OuL68QphHrVvkj+Md:gvIXzWNMM3sQBJHrgvVLLC3p8q

Score

N/A

Malware Config

Signatures

Files

42b986b7c4bd0ab171e524aae821a744dee91f2b06f44c6ceeb2b6a83e258abb
.exe windows x86

acbe730c1f97bfc6ecf54d3cdf7d9e3c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeleteFileA
InterlockedExchange
VirtualProtect
GetFileTime
FindClose
GetCurrentThreadId
GetDriveTypeA
GetProcessHeap
CreateDirectoryA
GetModuleFileNameA
CreateFileA
DeleteFileA
GetModuleHandleA
CreateFileA
GlobalLock
HeapDestroy
GetConsoleAliasA
LocalFree
LeaveCriticalSection
CancelIo
GetLocalTime
RemoveDirectoryW
GetStartupInfoW
GetConsoleMode
ReadConsoleW

user32

LoadCursorA
GetKeyState
IsZoomed
PeekMessageA
wsprintfA
GetWindowLongA
GetWindowLongA
GetWindowTextA
GetSysColor
MessageBoxA
IsWindowEnabled
GetWindowDC
DispatchMessageA

d3dxof

DllCanUnloadNow
DirectXFileCreate
DllGetClassObject
DirectXFileCreate

advapi32

IsValidSid

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 800KB - Virtual size: 2.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2024

Terms | Privacy