757d0e7e63a4b63bc73aedc4988cb5f16e7309727fae86d3873084a5d3eec040 | Triage

Submit
Reports

Overview

overview

8

Static

static

757d0e7e63...40.exe

windows7-x64

8

757d0e7e63...40.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

757d0e7e63a4b63bc73aedc4988cb5f16e7309727fae86d3873084a5d3eec040.exe

Resource

win7-20220812-en

discovery persistence spyware stealer upx

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

757d0e7e63a4b63bc73aedc4988cb5f16e7309727fae86d3873084a5d3eec040.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

757d0e7e63a4b63bc73aedc4988cb5f16e7309727fae86d3873084a5d3eec040
Size

799KB
MD5

0ddda6dd28d494a893bc089b2eecd5d1
SHA1

256b4a602dd17c5319d93d0b737a284a46eafdd9
SHA256

757d0e7e63a4b63bc73aedc4988cb5f16e7309727fae86d3873084a5d3eec040
SHA512

49849bfac9c59f5e8af1ad306a616f5aaaea99b92eec1200d116f6ce1af785ef42dea880c86f20c1d5abbb4ed9e277256e2b16a0a96fe9a59e8a9b7f0937aa9c
SSDEEP

12288:poYOJj8DP6b+xGxiUnZrLuJM44DlJO5QjOdmdS+XwCcJyv7jwgwI3:pTOR8DybA1UnZ3uy4UJ+dmdSJCRUm3

Score

N/A

Malware Config

Signatures

Files

757d0e7e63a4b63bc73aedc4988cb5f16e7309727fae86d3873084a5d3eec040
.exe windows x86

228c05b247c4bd6c41ec3fa97ff809ed

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetLocaleInfoA
VirtualProtect
IsBadWritePtr
RemoveDirectoryA
GetFileAttributesA
TlsGetValue
ResetEvent
MapViewOfFile
GetFileAttributesA
HeapSize
IsValidCodePage
GetDriveTypeW
SetLastError
FindClose
GetTickCount
FindResourceA
GetModuleHandleA
GetStringTypeA
CreateDirectoryA
GetProcessHeap
GetExitCodeThread

user32

PostMessageW
wsprintfW
GetWindowLongW
IsWindow
LoadImageW
GetWindowTextW
SetCursor
GetCapture
PeekMessageA
SetFocus
LoadCursorA
DispatchMessageA
IsDialogMessageA

msaatext

DllUnregisterServer
DllUnregisterServer
DllCanUnloadNow
DllGetClassObject

rasapi32

DwRasUninitialize

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 700KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 789KB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.import
Size: 512B - Virtual size: 468B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy