1b5e082d815ad076e276b4a056e825f489d1ee29d9d0856ebf22ff6a006936a7 | Triage

Submit
Reports

Overview

overview

8

Static

static

1b5e082d81...a7.exe

windows7-x64

8

1b5e082d81...a7.exe

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

1b5e082d815ad076e276b4a056e825f489d1ee29d9d0856ebf22ff6a006936a7.exe

Resource

win7-20220901-en

discovery persistence spyware stealer upx

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

1b5e082d815ad076e276b4a056e825f489d1ee29d9d0856ebf22ff6a006936a7.exe

Resource

win10v2004-20220901-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

1b5e082d815ad076e276b4a056e825f489d1ee29d9d0856ebf22ff6a006936a7
Size

836KB
MD5

052ad9ea10837c49899a2256cfd7d540
SHA1

82370a320e88d3e73d3a9f687f2ab6b85037190c
SHA256

1b5e082d815ad076e276b4a056e825f489d1ee29d9d0856ebf22ff6a006936a7
SHA512

40c0e9765e600e28395d2fbc081e35a750953ac904e27c9c194a47066072275e582717b830e7df15c57f3468f1f10d4a555daaf73cfbd52adb855bbd75bffc6c
SSDEEP

24576:xsKi8ydDT79rVvU9bG5Wr3pdEtKWtLyCUc0NP:xsgydDT7dJUVGiYVhTUc

Score

N/A

Malware Config

Signatures

Files

1b5e082d815ad076e276b4a056e825f489d1ee29d9d0856ebf22ff6a006936a7
.exe windows x86

76719c104efde084f27f3474e406ddb5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

SetStdHandle
WriteConsoleW
GetVolumeInformationW
GetDriveTypeW
lstrlenW
CreateMutexW
HeapFree
HeapCreate
lstrcatW
OpenEventW
GetCurrentProcess
GetShortPathNameW
GetPrivateProfileIntW
GetStringTypeA
LoadLibraryA
GetDiskFreeSpaceW
CreateEventA
GetTickCount
SetEnvironmentVariableA

netshell

HrLaunchConnection
NcFreeNetconProperties
HrRenameConnection
HrCreateDesktopIcon

Sections

.code
Size: 23KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_WRITE

.ndata
Size: 802KB - Virtual size: 802KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: 6KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy