ab51f2fd270de614efa33772911669b2e39bac78504232b5ea643e95989c2e5a | Triage

Submit
Reports

Overview

overview

8

Static

static

ab51f2fd27...5a.exe

windows7-x64

8

ab51f2fd27...5a.exe

windows10-2004-x64

3

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

ab51f2fd270de614efa33772911669b2e39bac78504232b5ea643e95989c2e5a.exe

Resource

win7-20220812-en

discovery persistence spyware stealer upx

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

ab51f2fd270de614efa33772911669b2e39bac78504232b5ea643e95989c2e5a.exe

Resource

win10v2004-20220901-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

ab51f2fd270de614efa33772911669b2e39bac78504232b5ea643e95989c2e5a
Size

802KB
MD5

5474c84aa34201b62734828b396d06ac
SHA1

e7515c65f828994f11f975d6fc4188f3ecd27dea
SHA256

ab51f2fd270de614efa33772911669b2e39bac78504232b5ea643e95989c2e5a
SHA512

1287be2e5d3a8517866823b2c96386c533cf5be3e7ede0972e3363b3cf27d5fff73a66e8594858dbde82a428fb593188bb98ab60e587e6b142785f2d29faeb05
SSDEEP

12288:vhX8vABO37eReVF6g4jpTAevtg8A1Cwjmt6LUvxuw0NEDRPoNqEBaQtLo9h:pXp037eR4F6LpEIbSVjsvd0saNqqjM9

Score

N/A

Malware Config

Signatures

Files

ab51f2fd270de614efa33772911669b2e39bac78504232b5ea643e95989c2e5a
.exe windows x86

13b539a6da46b0a1461ef95b9f6c530e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileAttributesA
DeleteFileW
OpenEventA
FindAtomA
PulseEvent
InterlockedExchange
GetDriveTypeW
CreateDirectoryA
SetFilePointer
CreateFileW
OpenMutexA
GlobalFlags
DeleteFileW
GetCurrentThreadId
GetVolumePathNameA
SetFileTime
GetModuleFileNameA
GetProcessHeap
CreateFileW
LocalFree
GetConsoleMode
VirtualProtectEx
HeapDestroy
GetModuleHandleA
LeaveCriticalSection

user32

DestroyMenu
DispatchMessageA
PeekMessageA
DestroyIcon
GetWindowLongA
GetWindowLongA
SetFocus
SetRect
LoadCursorA
wsprintfA
GetWindowTextA
IsMenu
MessageBoxA

dot3gpclnt

GenerateLANPolicy
LANGPAInit
LANGPADeInit
ProcessLANPolicyEx

advapi32

IsValidAcl

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 794KB - Virtual size: 2.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy