5556e66c7f23c8fa47e5eba11437ccbf97f9984c779231c28cb546808fb3b445 | Triage

Submit
Reports

Overview

overview

8

Static

static

5556e66c7f...45.exe

windows7-x64

8

5556e66c7f...45.exe

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

5556e66c7f23c8fa47e5eba11437ccbf97f9984c779231c28cb546808fb3b445.exe

Resource

win7-20220901-en

discovery persistence spyware stealer upx

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

5556e66c7f23c8fa47e5eba11437ccbf97f9984c779231c28cb546808fb3b445.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

5556e66c7f23c8fa47e5eba11437ccbf97f9984c779231c28cb546808fb3b445
Size

810KB
MD5

0f6676024e7ae7c42ccedf8b1974f701
SHA1

3d9114fef1d0bf532fffb65cc409f3a57b53ffd1
SHA256

5556e66c7f23c8fa47e5eba11437ccbf97f9984c779231c28cb546808fb3b445
SHA512

6184120e6a297b22af18868baa635c5f2187dd6e4fe979b479463abd1d1107ae7ae3c80a26d4f4f01b12c77ba39e602fc0a1e1db90709ab1d2c3bc7b30e9e838
SSDEEP

24576:zRKHxyTb+/AfVhpxPQfbIWAZP1rTcdeX:zRKHx+bbf3PPQbIjZP1UeX

Score

N/A

Malware Config

Signatures

Files

5556e66c7f23c8fa47e5eba11437ccbf97f9984c779231c28cb546808fb3b445
.exe windows x86

6d49ca530f40b6fabac895ff5ad17dcb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LeaveCriticalSection
CreateDirectoryA
GetFileTime
LocalFree
GetModuleFileNameA
GetConsoleMode
CreateFileW
CancelIo
FindAtomA
InterlockedExchange
LocalLock
VirtualProtect
DeleteFileW
GetStartupInfoW
GetConsoleAliasW
GetModuleHandleA
CreateFileW
ReadConsoleW
GetDriveTypeA
HeapDestroy
DeleteFileW
GetCurrentThreadId
GetProcessHeap
SetLocalTime
GetFileAttributesA

user32

GetWindowTextA
LoadCursorA
GetWindowLongA
GetWindowLongA
PeekMessageA
wsprintfA
GetKeyState
GetWindowDC
IsZoomed
MessageBoxA
GetSysColor
IsWindowEnabled
DispatchMessageA

davclnt

DllCanUnloadNow
NPGetCaps
NPCloseEnum
DllGetClassObject

advapi32

IsValidSid

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 800KB - Virtual size: 2.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy