833c11ca6763a8b03596568b58d8fa7fa680157b8fc8d23b197d935b03b03baa | Triage

Submit
Reports

Overview

overview

8

Static

static

833c11ca67...aa.exe

windows7-x64

8

833c11ca67...aa.exe

windows10-2004-x64

3

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

833c11ca6763a8b03596568b58d8fa7fa680157b8fc8d23b197d935b03b03baa.exe

Resource

win7-20220901-en

discovery persistence spyware stealer upx

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

833c11ca6763a8b03596568b58d8fa7fa680157b8fc8d23b197d935b03b03baa.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

833c11ca6763a8b03596568b58d8fa7fa680157b8fc8d23b197d935b03b03baa
Size

802KB
MD5

0602babfc893b4fc38969db80f71c785
SHA1

a19bb27a87bd84b08eb5deb2465e2f80e4ff9c79
SHA256

833c11ca6763a8b03596568b58d8fa7fa680157b8fc8d23b197d935b03b03baa
SHA512

3221eadaa5880f5f3b0791fd7e448e7babaa94d69d416f47d86269576375ad0cc2302088b7449f905850dc9221cca8c249712cf973c00f79f82a9ce273ac4d95
SSDEEP

12288:NystWYERqCNmGcOD1nbeVMBgvoAmsWIlajb70/iWUwlEjlZZ73tQwGPbf:blEd+wb+jmsVU7CxllyZZ7ar

Score

N/A

Malware Config

Signatures

Files

833c11ca6763a8b03596568b58d8fa7fa680157b8fc8d23b197d935b03b03baa
.exe windows x86

b70896475161c9159fa06497f5a8b503

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetDriveTypeW
OpenEventA
LocalFree
DeleteFileW
GetModuleHandleA
CreateDirectoryA
DeleteFileW
GetProcessHeap
PulseEvent
GetFileAttributesA
LeaveCriticalSection
InterlockedExchange
HeapDestroy
GetCurrentThreadId
GetConsoleMode
FindAtomA
GetVolumePathNameA
VirtualProtectEx
OpenMutexA
GetModuleFileNameA
CreateFileW
GlobalFlags
SetFileTime
CreateFileW
SetFilePointer

user32

GetWindowLongA
SetRect
wsprintfA
PeekMessageA
LoadCursorA
DispatchMessageA
GetWindowTextA
SetFocus
IsMenu
DestroyIcon
DestroyMenu
MessageBoxA
GetWindowLongA

dot3gpclnt

LANGPAInit
LANGPADeInit
ProcessLANPolicyEx
GenerateLANPolicy

advapi32

IsValidAcl

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 794KB - Virtual size: 2.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2024

Terms | Privacy