PO48995[.]exe | Triage

Submit
Reports

Overview

overview

Static

static

PO48995.exe

windows7-x64

PO48995.exe

windows10-2004-x64

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

PO48995.exe

Resource

win7-20220901-en

snakekeylogger collection keylogger spyware stealer

windows7-x64

13 signatures

150 seconds

Behavioral task

behavioral2

Sample

PO48995.exe

Resource

win10v2004-20220812-en

snakekeylogger collection keylogger spyware stealer

windows10-2004-x64

13 signatures

150 seconds

General

Target

PO48995.exe
Size

1.0MB
MD5

d590c6d5fdd04400034c68868519c388
SHA1

f412414c628d6d054dcf32699790549b8bb43975
SHA256

72591e77bbafe38b00b3946db0ac4dfd559ff18a13562d6e58a9bdb10a668ae9
SHA512

67f8e79cf411e326a46abff733a748e6dd3c578725b74094fb673929f175172d29264e91b50dec2f4162dbc035d0d2192805006499bf3b6293637e0121537dd9
SSDEEP

12288:OIWxQir2iNb27toeMPVRSOMxIbwRzUuC0ysfUo33usQ1tCaoBY:O9r1paHMtYTE+jCZsfUyY0BY

Score

N/A

Malware Config

Signatures

Files

PO48995.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 742KB - Virtual size: 741KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 290KB - Virtual size: 290KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy