5be2373e50319298d7e6e3f675089e60ed59d6095ebf862f6b8fde7a21ab4515 | Triage

Submit
Reports

Overview

overview

8

Static

static

5be2373e50...15.exe

windows7-x64

8

5be2373e50...15.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

5be2373e50319298d7e6e3f675089e60ed59d6095ebf862f6b8fde7a21ab4515.exe

Resource

win7-20220812-en

discovery persistence spyware stealer upx

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

5be2373e50319298d7e6e3f675089e60ed59d6095ebf862f6b8fde7a21ab4515.exe

Resource

win10v2004-20220812-en

discovery persistence spyware stealer upx

windows10-2004-x64

4 signatures

150 seconds

General

Target

5be2373e50319298d7e6e3f675089e60ed59d6095ebf862f6b8fde7a21ab4515
Size

811KB
MD5

117bc0918b52617376e8ad941a7bc096
SHA1

bc112fce1f5c592f451fa3b65d42c8dbcba15451
SHA256

5be2373e50319298d7e6e3f675089e60ed59d6095ebf862f6b8fde7a21ab4515
SHA512

f4d716ea33559207b4b0c3ceddd55614e808182a914e7d509d54b09a95f1198617d5d44ada9017e9317e420ab0884d4bee0de77aa7a1b988bdea9de93d6e0e9b
SSDEEP

24576:VLpwFn79nxfHhiTgpJshkOYZ149YTdwW:JKFn7bfhwqCkOYZK9YT2W

Score

N/A

Malware Config

Signatures

Files

5be2373e50319298d7e6e3f675089e60ed59d6095ebf862f6b8fde7a21ab4515
.exe windows x86

30be08e6f580ad27d2dfc9aaa1ca1efa

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleFileNameA
GetTickCount
GetStartupInfoA
GetFileSize
ReadConsoleA
CloseHandle
CreateFileA
Sleep
CreateDirectoryW
OpenSemaphoreA
LoadLibraryA
SetLocalTime
HeapSize
DeleteFileA
VirtualProtect
lstrlenA
SetLastError
GlobalFree
GetFileAttributesW
SetEvent
SetLastError
CreateSemaphoreW
GetProcessHeap
WriteConsoleA
GetEnvironmentStringsA

user32

DestroyMenu
IsWindow
GetWindowLongA
CallWindowProcW
DrawTextW
DispatchMessageA
GetSysColor
PeekMessageA
IsZoomed
SetFocus
FindWindowA
DispatchMessageA
GetClassInfoA

xmlprovi

DllCanUnloadNow
DllUnregisterServer
DllRegisterServer
DllGetClassObject

advapi32

RegCloseKey

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 800KB - Virtual size: 2.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy