ab581f7bb162dc861a5293ab358558615fa629b3aacf99b787dafc1ccc538371 | Triage

Submit
Reports

Overview

overview

8

Static

static

ab581f7bb1...71.exe

windows7-x64

8

ab581f7bb1...71.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

ab581f7bb162dc861a5293ab358558615fa629b3aacf99b787dafc1ccc538371.exe

Resource

win7-20220812-en

discovery persistence spyware stealer upx

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

ab581f7bb162dc861a5293ab358558615fa629b3aacf99b787dafc1ccc538371.exe

Resource

win10v2004-20220901-en

discovery persistence spyware stealer upx

windows10-2004-x64

4 signatures

150 seconds

General

Target

ab581f7bb162dc861a5293ab358558615fa629b3aacf99b787dafc1ccc538371
Size

811KB
MD5

9094815ead45496f9847f37890980937
SHA1

09311e6fc854d4d41085d55dfcf00138db1aea72
SHA256

ab581f7bb162dc861a5293ab358558615fa629b3aacf99b787dafc1ccc538371
SHA512

6bdce892d7b286944e6a9ac47e4392c0ed5459f607582c7b57be2000a78b98c196700b1605c49d493d14ad5a41c3da92ea1189c7f5d5766f53001b36d59f7239
SSDEEP

24576:dphq628bSqAyBXrEpM4WbobdU+Za2OoVP:dphq6HbF7boRUYEoJ

Score

N/A

Malware Config

Signatures

Files

ab581f7bb162dc861a5293ab358558615fa629b3aacf99b787dafc1ccc538371
.exe windows x86

6abeba4f44db36ffad9da330a4835449

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileA
VirtualProtect
GetTickCount
lstrlenA
GetProcessHeap
GlobalFree
GetFileSize
HeapSize
CreateDirectoryW
SetLocalTime
ReadConsoleA
GetModuleFileNameA
LoadLibraryA
OpenSemaphoreA
GetStartupInfoA
Sleep
GetEnvironmentStringsA
CloseHandle
DeleteFileA
GetFileAttributesW
SetLastError
SetLastError
CreateSemaphoreW
WriteConsoleA
SetEvent

user32

GetWindowLongA
DispatchMessageA
IsWindow
IsZoomed
DispatchMessageA
GetSysColor
CallWindowProcW
DrawTextW
SetFocus
GetClassInfoA
DestroyMenu
FindWindowA
PeekMessageA

traffic

TcAddFlow
TcDeleteFilter
TcDeleteFlow
TcAddFilter

advapi32

RegCloseKey

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 800KB - Virtual size: 2.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy