10ffd8f4853fc465318f44c42183cfda165538a139631143fe040b1d53f1320c | Triage

Submit
Reports

Overview

overview

8

Static

static

10ffd8f485...0c.exe

windows7-x64

8

10ffd8f485...0c.exe

windows10-2004-x64

8

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

10ffd8f4853fc465318f44c42183cfda165538a139631143fe040b1d53f1320c.exe

Resource

win7-20220812-en

spyware stealer upx

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral2

Sample

10ffd8f4853fc465318f44c42183cfda165538a139631143fe040b1d53f1320c.exe

Resource

win10v2004-20220812-en

spyware stealer upx

windows10-2004-x64

3 signatures

150 seconds

General

Target

10ffd8f4853fc465318f44c42183cfda165538a139631143fe040b1d53f1320c
Size

180KB
MD5

0cd4e6ae0e5d69971bc347ea4ef5066f
SHA1

8a5bc96f68822b8c26ff23d64d767a3bb9d7081e
SHA256

10ffd8f4853fc465318f44c42183cfda165538a139631143fe040b1d53f1320c
SHA512

a7947ec0d1cd01ee2381fc73fa319abaa15708e7a0a583bd6f4370e4485d62c448eba3c88c0a7f7d42bcf9af1c89809d509dfbbd1b1d708472529729c5192f5b
SSDEEP

3072:tMf4RNy1DYoNQTQ4UQf3AFdP0l352xRHHDhViXCgUelkMvMCfgdPyeltQBJ4:tMHDzCUE3scl352zo3HgRy6SJ4

Score

N/A

Malware Config

Signatures

Files

10ffd8f4853fc465318f44c42183cfda165538a139631143fe040b1d53f1320c
.exe windows x86

a0e0d24d606f1385b3f7a50ffc9877ef

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

InternetReadFile
InternetOpenA
InternetOpenUrlA
InternetCloseHandle

kernel32

GetSystemInfo
InitializeCriticalSection
SetFirmwareEnvironmentVariableW
LocalFree
DeleteCriticalSection
GetLastError
GetProcAddress
LocalAlloc
EnumResourceTypesA
EnterCriticalSection
LoadLibraryA
LCMapStringW
SetStdHandle
GetLongPathNameA
LeaveCriticalSection
GetModuleHandleA
LCMapStringA
GetStringTypeA

gdiplus

GdipCloneImage

winmm

timeGetTime
timeSetEvent

ole32

OleSave
CoTaskMemFree
CoTaskMemAlloc
CoCreateInstance
StringFromGUID2
CoTaskMemRealloc

Sections

.text
Size: 110KB - Virtual size: 110KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tls
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 66KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 244KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy