995ad85cac012c0950195f84826349df25bd75d3365311e85482803867c0a7c5 | Triage

Submit
Reports

Overview

overview

8

Static

static

995ad85cac...c5.exe

windows7-x64

8

995ad85cac...c5.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

995ad85cac012c0950195f84826349df25bd75d3365311e85482803867c0a7c5.exe

Resource

win7-20220812-en

discovery persistence spyware stealer upx

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

995ad85cac012c0950195f84826349df25bd75d3365311e85482803867c0a7c5.exe

Resource

win10v2004-20220901-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

995ad85cac012c0950195f84826349df25bd75d3365311e85482803867c0a7c5
Size

782KB
MD5

0f1c6ff57455bfa24d0d20afa9631495
SHA1

2b388a8846ae0390b19694751bdc2a331d249697
SHA256

995ad85cac012c0950195f84826349df25bd75d3365311e85482803867c0a7c5
SHA512

59bb5fc69577cee1281e542f6865c6a758eab752c47508d09dc73348b257eb28d582d0deecaf4e3cf80fac96a9db7bd39a0226d592484916e2ce2d9c55964e99
SSDEEP

12288:/T7MrMsBLVKeMULCAJvXKYNr4rxKo0IYl++EIa7m/KUoIHy4Vql7HYdfRwuGA0BA:/XMlBLVKbmCAthZQ0PRWU98OdfOBVpkx

Score

N/A

Malware Config

Signatures

Files

995ad85cac012c0950195f84826349df25bd75d3365311e85482803867c0a7c5
.exe windows x86

d7ac9505fc6d0ee9b950be2acfae764d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTickCount

msimg32

AlphaBlend

ole32

CreateStreamOnHGlobal
OleUninitialize
OleDraw
StringFromCLSID
OleSetMenuDescriptor
OleGetClipboard
OleSetClipboard
CoRevokeClassObject
RevokeDragDrop
RegisterDragDrop
DoDragDrop
CoTaskMemFree
CreateDataAdviseHolder
CoGetClassObject
CoTaskMemAlloc
CoGetMalloc
ReleaseStgMedium
CoCreateInstance
CoLockObjectExternal
CoDisconnectObject
IsAccelerator
CoRegisterClassObject
OleInitialize
ProgIDFromCLSID
CoUninitialize
CoInitialize
IsEqualGUID

ntdll

RtlInitUnicodeString
RtlFreeHeap
RtlDowncaseUnicodeString
RtlRandom
RtlDestroyHeap

Sections

.text
Size: 1024B - Virtual size: 734B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 776KB - Virtual size: 2.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy