86895cb263ca503a04bc0d02c96ea14f2ecc2aed11ab71948e5cbc2bffc2fc5c | Triage

Submit
Reports

Overview

overview

Static

static

86895cb263...5c.exe

windows7-x64

86895cb263...5c.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

86895cb263ca503a04bc0d02c96ea14f2ecc2aed11ab71948e5cbc2bffc2fc5c.exe

Resource

win7-20220812-en

persistence spyware stealer upx

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

86895cb263ca503a04bc0d02c96ea14f2ecc2aed11ab71948e5cbc2bffc2fc5c.exe

Resource

win10v2004-20220901-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

86895cb263ca503a04bc0d02c96ea14f2ecc2aed11ab71948e5cbc2bffc2fc5c
Size

179KB
MD5

0724fd345e136161fa34e1dbdea4e7c2
SHA1

4a1b146930755c62f7b3cdbb32d82aa8a349e286
SHA256

86895cb263ca503a04bc0d02c96ea14f2ecc2aed11ab71948e5cbc2bffc2fc5c
SHA512

bb4828af14fe6b37dd12eb3108fb96d15f16fe1fb74eda3c1a4113a06def91d0cb0102ad0c6665003349ba072582b02df0bdf0e207b99c910fe3fd86d57aeb43
SSDEEP

3072:zMDMhKi/Inmu7+WR5fQ/WCHYv+EZJIMpL2LSS4FP8i4Y/dOnCxAjCWc2uKUzB:4D7i/In57++YOx+Wr9FP8R8Vr1

Score

N/A

Malware Config

Signatures

Files

86895cb263ca503a04bc0d02c96ea14f2ecc2aed11ab71948e5cbc2bffc2fc5c
.exe windows x86

47f6d409be4da61ccd723742f1e25e3d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

StringFromIID
ProgIDFromCLSID
CoTaskMemFree
StringFromCLSID

oleacc

LresultFromObject
CreateStdAccessibleObject

advapi32

RegCloseKey
RegCreateKeyExA
RegOpenKeyA
RegDeleteKeyA
RegOpenKeyExA
RegEnumKeyExA
RegQueryValueExA
RegSetValueExA

shlwapi

PathFileExistsW

kernel32

VirtualQueryEx
MultiByteToWideChar
RaiseException
WideCharToMultiByte
EnumResourceNamesA
GetSystemTimeAsFileTime
LocalAlloc
CreateProcessA
lstrlenA
OpenJobObjectA
InterlockedExchange

shell32

SHGetPathFromIDListA
SHGetMalloc
SHGetSpecialFolderLocation

Sections

.text
Size: 104KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tls
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 71KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 388KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy