60072cbdb7d00a4359568ed93a46a70bd74445891940e2232c3b245ec3b48379 | Triage

Submit
Reports

Overview

overview

8

Static

static

60072cbdb7...79.exe

windows7-x64

8

60072cbdb7...79.exe

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

60072cbdb7d00a4359568ed93a46a70bd74445891940e2232c3b245ec3b48379.exe

Resource

win7-20220901-en

discovery persistence spyware stealer upx

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

60072cbdb7d00a4359568ed93a46a70bd74445891940e2232c3b245ec3b48379.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

60072cbdb7d00a4359568ed93a46a70bd74445891940e2232c3b245ec3b48379
Size

810KB
MD5

2adf59b523239bbe9d54fbab2d6fbbe7
SHA1

6ac114e0aefe82a12055c9a2a1067e0d987b465a
SHA256

60072cbdb7d00a4359568ed93a46a70bd74445891940e2232c3b245ec3b48379
SHA512

a3bd55a7f9afaae6576ac9719e758851581954068a8ffbdf07389f0988e70f7b1a5cfaec5a97199ac3d03691b64da280fa44351cffeba4a293da303efef15a8a
SSDEEP

24576:Km6Ss6p7iyNCIGdBAMaJ9ZdMURsaj4aPXBX:KmXf7eBAh3dMURf4IXB

Score

N/A

Malware Config

Signatures

Files

60072cbdb7d00a4359568ed93a46a70bd74445891940e2232c3b245ec3b48379
.exe windows x86

94e9a555ec51faab0907ca143be958fd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileW
SetLocalTime
VirtualProtect
LocalLock
HeapDestroy
GetStartupInfoW
LeaveCriticalSection
GetDriveTypeA
GetConsoleMode
ReadConsoleW
GetFileTime
GetProcessHeap
InterlockedExchange
GetCurrentThreadId
DeleteFileW
GetModuleFileNameA
CreateDirectoryA
GetModuleHandleA
CreateFileW
FindAtomA
DeleteFileW
GetConsoleAliasW
CancelIo
LocalFree
GetFileAttributesA

user32

DispatchMessageA
LoadCursorA
MessageBoxA
IsZoomed
GetWindowTextA
GetWindowDC
IsWindowEnabled
GetKeyState
PeekMessageA
GetWindowLongA
GetWindowLongA
GetSysColor
wsprintfA

davclnt

DllGetClassObject
NPGetCaps
NPCloseEnum
DllCanUnloadNow

advapi32

IsValidSid

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 800KB - Virtual size: 2.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy