5725436a213202de9f87a52955712ff61362f73d260808b1d48e76fc11033e36 | Triage

Submit
Reports

Overview

overview

8

Static

static

5725436a21...36.exe

windows7-x64

8

5725436a21...36.exe

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

5725436a213202de9f87a52955712ff61362f73d260808b1d48e76fc11033e36.exe

Resource

win7-20220812-en

discovery persistence spyware stealer upx

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

5725436a213202de9f87a52955712ff61362f73d260808b1d48e76fc11033e36.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

5725436a213202de9f87a52955712ff61362f73d260808b1d48e76fc11033e36
Size

775KB
MD5

157696c72885db6284a909d671ef31b2
SHA1

7f48772442c41e6938651ecff23bc9ab480e8a52
SHA256

5725436a213202de9f87a52955712ff61362f73d260808b1d48e76fc11033e36
SHA512

840b83b67f0a362342d45a354f778ef605dc43a7fa86df9ce9f4bde2b03204e8f83637d32917e2fb0e84df9c1b92f4b7bb9f74ca68a7302159a4922614fe6d8c
SSDEEP

24576:1zGzTSYttB4o3WcZPthe39JoCCKe5BipEb:1zyFjR3HVI3boCKb

Score

N/A

Malware Config

Signatures

Files

5725436a213202de9f87a52955712ff61362f73d260808b1d48e76fc11033e36
.exe windows x86

c158ad253bb163a39171d16a83403b56

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

IsDebuggerPresent
GetFileAttributesA
HeapCreate
GetPriorityClass
GetCurrentDirectoryA
GetLastError
GetModuleHandleA
GetStartupInfoA
WriteConsoleW
CopyFileW
SetEvent
GetStdHandle
DisconnectNamedPipe
CloseHandle
CreatePipe
ReleaseMutex
lstrcpyW
WriteConsoleW
ClearCommBreak
lstrlenW
WriteConsoleW

msftedit

RichListBoxWndProc
SetCustomTextOutHandlerEx
RichEditWndProc
RichComboBoxWndProc

shell32

DragQueryFileA
SHGetSettings
ShellMessageBoxA
SHGetMalloc
ExtractIconA
DragFinish
ShellAboutA
StrChrA
DuplicateIcon
SHFree
SHGetDiskFreeSpaceA
DragAcceptFiles
DllUnregisterServer

msasn1

ASN1BERDecBool

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 720B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 766KB - Virtual size: 2.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.orpc
Size: 512B - Virtual size: 132B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy