876b219db6e0e0408e723aa27a48d082a7b04f4898e2cfedd6e6e1ee73f6066b | Triage

Submit
Reports

Overview

overview

8

Static

static

876b219db6...6b.exe

windows7-x64

8

876b219db6...6b.exe

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

876b219db6e0e0408e723aa27a48d082a7b04f4898e2cfedd6e6e1ee73f6066b.exe

Resource

win7-20220812-en

discovery persistence spyware stealer upx

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

876b219db6e0e0408e723aa27a48d082a7b04f4898e2cfedd6e6e1ee73f6066b.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

876b219db6e0e0408e723aa27a48d082a7b04f4898e2cfedd6e6e1ee73f6066b
Size

810KB
MD5

0cd2341dccb37b544eea0d2619a80049
SHA1

29233b0ca1405cdb8fbe9ecad48bc3e0ede0d37c
SHA256

876b219db6e0e0408e723aa27a48d082a7b04f4898e2cfedd6e6e1ee73f6066b
SHA512

0414982db1b8942af2df15c92af8a3678970dcb669dbee50384dd5a1cd1159d033cad6c6ef082a9fd995f23394c44a9528933e35ad5a840880ea9845467f43f7
SSDEEP

24576:d4LT/K7byPguC4UliyCBxhDVlfyrxrM+K4OsITi:d4vCbkgu9yiTxRVRvKITi

Score

N/A

Malware Config

Signatures

Files

876b219db6e0e0408e723aa27a48d082a7b04f4898e2cfedd6e6e1ee73f6066b
.exe windows x86

9c4816cdf92387f6ed7d76c0383ed1e7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileW
LeaveCriticalSection
GetConsoleAliasW
GetProcessHeap
VirtualProtect
LocalFree
GetCurrentThreadId
GetFileAttributesA
GetFileTime
GetModuleHandleA
GetModuleFileNameA
SetLocalTime
DeleteFileW
InterlockedExchange
GetDriveTypeW
CancelIo
CreateDirectoryA
CreateFileW
FindAtomA
ReadConsoleW
HeapDestroy
DeleteFileW
GetConsoleMode
SetFilePointer
LocalLock

user32

PeekMessageA
wsprintfA
MessageBoxA
GetWindowLongA
GetSysColor
GetWindowDC
DispatchMessageA
IsWindowEnabled
GetWindowLongA
GetWindowTextA
LoadCursorA
GetKeyState
IsZoomed

davclnt

DllCanUnloadNow
NPCloseEnum
NPGetCaps
DllGetClassObject

advapi32

IsValidSid

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 800KB - Virtual size: 2.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy