00585a4c61f27fcd200dd737b7280b166f6a7a3af899ed4ff440545ca0125f22 | Triage

Submit
Reports

Overview

overview

8

Static

static

00585a4c61...22.exe

windows7-x64

8

00585a4c61...22.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

00585a4c61f27fcd200dd737b7280b166f6a7a3af899ed4ff440545ca0125f22.exe

Resource

win7-20220812-en

discovery persistence spyware stealer upx

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

00585a4c61f27fcd200dd737b7280b166f6a7a3af899ed4ff440545ca0125f22.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

00585a4c61f27fcd200dd737b7280b166f6a7a3af899ed4ff440545ca0125f22
Size

810KB
MD5

0a9a67d49c22eaf0b765429695ec02cf
SHA1

06a54e2d8b71b51b36dbad50f4f28cbe52141a6b
SHA256

00585a4c61f27fcd200dd737b7280b166f6a7a3af899ed4ff440545ca0125f22
SHA512

c118746c90fc33c729e25cd667a6cc67a92d6305f9c1eabaaa0b8ab9950e2b230adad9a08fb3b490d17d4fb8a616343aca76407eaffe3f1ea6656f9a2c28cc0f
SSDEEP

24576:lI+ti1HyF13o4vXPzmH4yO42gLS/GZl7EQE9u01j6PL7:+1SjBPzLCZ7g001S

Score

N/A

Malware Config

Signatures

Files

00585a4c61f27fcd200dd737b7280b166f6a7a3af899ed4ff440545ca0125f22
.exe windows x86

e39d269a91fb0c9fc9430f907f3b1707

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReadConsoleW
CreateFileA
VirtualProtect
LeaveCriticalSection
GetCurrentThreadId
CancelIo
GetModuleHandleA
DeleteFileA
GetConsoleAliasA
GetStartupInfoW
FindClose
GetDriveTypeA
GetModuleFileNameA
GetFileTime
CreateFileA
DeleteFileA
GlobalLock
CreateDirectoryA
EnterCriticalSection
LocalFree
GetConsoleMode
HeapDestroy
GetLocalTime
GetProcessHeap
RemoveDirectoryW

user32

PeekMessageA
wsprintfA
FillRect
IsWindowVisible
GetWindowLongA
IsWindowEnabled
GetWindowTextA
DispatchMessageA
GetSysColor
GetWindowLongA
MessageBoxA
GetKeyState
GetWindowDC

d3dxof

DllCanUnloadNow
DirectXFileCreate
DllGetClassObject
DirectXFileCreate

advapi32

IsValidSid

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 800KB - Virtual size: 2.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy