2e2cc75059db38d38e4bb399dddd0122b4364ab6b5672faa3f84cd2c20c6f138 | Triage

Submit
Reports

Overview

overview

8

Static

static

2e2cc75059...38.exe

windows7-x64

8

2e2cc75059...38.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

2e2cc75059db38d38e4bb399dddd0122b4364ab6b5672faa3f84cd2c20c6f138.exe

Resource

win7-20220812-en

discovery persistence spyware stealer upx

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

2e2cc75059db38d38e4bb399dddd0122b4364ab6b5672faa3f84cd2c20c6f138.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

2e2cc75059db38d38e4bb399dddd0122b4364ab6b5672faa3f84cd2c20c6f138
Size

797KB
MD5

05fb664b50dfebb81a4787243177221d
SHA1

0e599b6963b122ce97ed2a0345a062b294277f17
SHA256

2e2cc75059db38d38e4bb399dddd0122b4364ab6b5672faa3f84cd2c20c6f138
SHA512

c07fce2943b1b74524805d35a11f97685507cc834658da21f89221abe3685e110585ab89b6f6f83dea6f018dd509982d38f3d77253648741394140ff813a6e58
SSDEEP

24576:w586+QvqBEzFT2LdlwZC1ObaJAhRPO2bzK8P:w586uXAFC8P

Score

N/A

Malware Config

Signatures

Files

2e2cc75059db38d38e4bb399dddd0122b4364ab6b5672faa3f84cd2c20c6f138
.exe windows x86

8589c54a7360e8daac167b69322d0cec

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

RemoveDirectoryA
MapViewOfFile
GetModuleHandleA
GetLocaleInfoA
SetLastError
IsBadWritePtr
GetFileAttributesA
HeapSize
VirtualProtect
FindResourceA
GetProcessHeap
GetCommandLineA
CancelIo
GetExitCodeThread
CreateMailslotW
ResetEvent
IsValidCodePage
CreateDirectoryA
GetStdHandle
GetDriveTypeW
FindClose

user32

GetCapture
PostMessageW
PeekMessageA
LoadCursorA
DestroyMenu
IsDialogMessageA
wsprintfA
SetFocus
GetWindowTextW
DispatchMessageA
GetWindowLongW
LoadImageW
SetCursor

ipsmsnap

DllUnregisterServer
DllGetClassObject
DllGetClassObject
DllCanUnloadNow

rasapi32

DwRasUninitialize

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 696KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 789KB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.import
Size: 512B - Virtual size: 464B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy