a7f7679857bf38a0afd1e20c748e4643a482960f453c5e8de80a4aa68839a84e | Triage

Submit
Reports

Overview

overview

8

Static

static

a7f7679857...4e.exe

windows7-x64

8

a7f7679857...4e.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

a7f7679857bf38a0afd1e20c748e4643a482960f453c5e8de80a4aa68839a84e.exe

Resource

win7-20220812-en

discovery persistence spyware stealer upx

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

a7f7679857bf38a0afd1e20c748e4643a482960f453c5e8de80a4aa68839a84e.exe

Resource

win10v2004-20220901-en

windows10-2004-x64

2 signatures

150 seconds

General

Target

a7f7679857bf38a0afd1e20c748e4643a482960f453c5e8de80a4aa68839a84e
Size

811KB
MD5

09e130702cbe133a6030fd1dd18730ac
SHA1

6e36358893d1ffa09db1aa4b2b988dadf95f5e2d
SHA256

a7f7679857bf38a0afd1e20c748e4643a482960f453c5e8de80a4aa68839a84e
SHA512

46a4475038b95a45b33d191cbb53e625b63641fed0b863f9334645c4baa0cbb3f3edb9a5e78e78eb5d676d9fb6666d589b3f68f3d83d5c8fcb0089fa6d8dc570
SSDEEP

24576:/8yLb9c/vqCMwEdVSWNvJFvCYnDNxQW6iMb0sxQPi77GT0cY:EU9c/axd0WNz6Y5P1Lsp77o0N

Score

N/A

Malware Config

Signatures

Files

a7f7679857bf38a0afd1e20c748e4643a482960f453c5e8de80a4aa68839a84e
.exe windows x86

6ef47b6780039ed319be8f6dadef019d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteConsoleA
SetEvent
Sleep
LoadLibraryA
HeapSize
CreateDirectoryA
lstrlenA
GetTickCount
ReadConsoleW
GetFileAttributesW
GlobalFree
OpenSemaphoreA
VirtualProtect
GetEnvironmentStringsW
DeleteFileA
CloseHandle
SetLastError
GetStartupInfoA
OpenMutexA
SetLastError
GetFileSize
GetModuleFileNameA
GetProcessHeap
CreateDirectoryW
CreateFileA

user32

DispatchMessageA
CallWindowProcW
GetClassInfoA
SetFocus
DispatchMessageA
DrawTextW
GetWindowLongA
IsWindow
PeekMessageA
FindWindowA
GetSysColor
IsZoomed
DestroyMenu

xolehlp

GetDtcLocaleResourceHandle
DtcGetTransactionManager
DtcGetTransactionManagerC
DtcGetTransactionManagerEx

advapi32

RegCloseKey

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 800KB - Virtual size: 2.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy