ab637772014de5873548484e550c0984fa240cbe4116a5039d467e6ef405f3db | Triage

Submit
Reports

Overview

overview

9

Static

static

ab63777201...db.dll

windows7-x64

9

ab63777201...db.dll

windows10-2004-x64

9

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

ab637772014de5873548484e550c0984fa240cbe4116a5039d467e6ef405f3db.dll

Resource

win7-20220812-en

persistence spyware stealer upx

windows7-x64

16 signatures

150 seconds

Behavioral task

behavioral2

Sample

ab637772014de5873548484e550c0984fa240cbe4116a5039d467e6ef405f3db.dll

Resource

win10v2004-20220901-en

persistence spyware stealer upx

windows10-2004-x64

16 signatures

150 seconds

General

Target

ab637772014de5873548484e550c0984fa240cbe4116a5039d467e6ef405f3db
Size

857KB
MD5

1b70c1840c86f768ed5d74c7ec642de1
SHA1

46a8781db897158e745a5336df275ad27faf5202
SHA256

ab637772014de5873548484e550c0984fa240cbe4116a5039d467e6ef405f3db
SHA512

e02218ad287bbf21ac6e36dab38a609ab322889a5b6aa5f0ead8e2cef6ecc773a8dee038eff39ceca5e9fd8bccae1ada35ffd784d92e85f282073a5e1c82201e
SSDEEP

24576:BZvWjy6tdFi5blF98TVzsOiPnmRSkxZpJbr0:Bxqy6o5fCVzKkHb

Score

N/A

Malware Config

Signatures

Files

ab637772014de5873548484e550c0984fa240cbe4116a5039d467e6ef405f3db
.dll windows x86

c7d5681c7024db87c5e26cb86f165e94

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

GetKeyboardType

advapi32

RegQueryValueExA

oleaut32

SysFreeString

version

VerQueryValueA

gdi32

UnrealizeObject

ole32

CreateStreamOnHGlobal

ntdll

RtlImageNtHeader

comctl32

ImageList_SetIconSize

shell32

ShellExecuteA

wininet

FindNextUrlCacheEntryA

urlmon

UrlMkGetSessionOption

wsock32

WSACleanup

rpcrt4

UuidCreateSequential

oleacc

AccessibleObjectFromWindow

psapi

GetProcessImageFileNameA

Sections

CODE
Size: 847KB - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy