8aa1f028d2234ce4e35604ba2115d2cd5d4d05e50922de8f1d5a71c6e8435fc4 | Triage

Submit
Reports

Overview

overview

8

Static

static

8aa1f028d2...c4.exe

windows7-x64

8

8aa1f028d2...c4.exe

windows10-2004-x64

8

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

8aa1f028d2234ce4e35604ba2115d2cd5d4d05e50922de8f1d5a71c6e8435fc4.exe

Resource

win7-20220901-en

discovery persistence spyware stealer upx

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

8aa1f028d2234ce4e35604ba2115d2cd5d4d05e50922de8f1d5a71c6e8435fc4.exe

Resource

win10v2004-20220812-en

discovery persistence spyware stealer upx

windows10-2004-x64

4 signatures

150 seconds

General

Target

8aa1f028d2234ce4e35604ba2115d2cd5d4d05e50922de8f1d5a71c6e8435fc4
Size

809KB
MD5

0e86d96e7c0a5c20f96a6441195796af
SHA1

8465e131db4d977a9c3e404e0213b6df4810cc1e
SHA256

8aa1f028d2234ce4e35604ba2115d2cd5d4d05e50922de8f1d5a71c6e8435fc4
SHA512

cdd759ad3446b010e39c55853f2402f8a05e23b319e7b6df4ad7e1be235cd00fc1f8bf591f8a887877f53786e421723af177a7e0bc17c2d74dfc513bb073aa52
SSDEEP

12288:zJABfVsuCSplBWs4mo0QLmmeQQNiZaDV8PHkzB9wKEyLroF5B20j3/QMXN0:9uNsuCSbBhQLmmeiaGEz7VEy0oe

Score

N/A

Malware Config

Signatures

Files

8aa1f028d2234ce4e35604ba2115d2cd5d4d05e50922de8f1d5a71c6e8435fc4
.exe windows x86

0a6a332d3633fd1a09ec51681f32757c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
CreateFileA
VirtualProtect
GetStartupInfoA
GetFileSize
GetModuleHandleA
EnterCriticalSection
CancelIo
GetCommandLineA
GlobalFree
CreateDirectoryA
TlsGetValue
GetConsoleTitleA
GetEnvironmentStringsW
ReadFile
GetModuleFileNameA
CancelIo
WriteConsoleW
GetTickCount
DeleteFileA
Sleep
CreateDirectoryA
lstrlenW
RemoveDirectoryA
GetConsoleTitleA

user32

DispatchMessageA
GetClassInfoA
PeekMessageA
DestroyMenu
GetWindowLongA
IsWindowEnabled
IsWindowVisible
CreateIcon
IsWindow
GetSysColor
wsprintfA
MessageBoxA
GetWindowLongA

cmutil

??1CIniW@@QAE@XZ
??_FCIniA@@QAEXXZ
??1CIniA@@QAE@XZ
??_FCIniW@@QAEXXZ

advapi32

RegCloseKey

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 800KB - Virtual size: 2.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy