0d55c8738091669dbe1a7045ec96b909a246ef4ce15def73a86d6ab5987b4c6e | Triage

Submit
Reports

Overview

overview

8

Static

static

0d55c87380...6e.exe

windows7-x64

8

0d55c87380...6e.exe

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

0d55c8738091669dbe1a7045ec96b909a246ef4ce15def73a86d6ab5987b4c6e.exe

Resource

win7-20220812-en

discovery persistence spyware stealer upx

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

0d55c8738091669dbe1a7045ec96b909a246ef4ce15def73a86d6ab5987b4c6e.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

0d55c8738091669dbe1a7045ec96b909a246ef4ce15def73a86d6ab5987b4c6e
Size

811KB
MD5

0ded6bb9cb3e8472e5727c189f63b136
SHA1

44319486d896c044c8a84cf38a75f1c32c85bf0e
SHA256

0d55c8738091669dbe1a7045ec96b909a246ef4ce15def73a86d6ab5987b4c6e
SHA512

692e6209ba93920def73bbbf0ebaf57cd1de36a896ccbc574b7161b902758726f0e2ae12caca3e2bb97a6820bbcc6fb3ecc9fdce2ebdf08d28747daa3c1b695d
SSDEEP

24576:lUssqoIqhylv93Jn4GN5kqX207y3oyjhfM3Ql:T8ZhyldJi020u3fRM3k

Score

N/A

Malware Config

Signatures

Files

0d55c8738091669dbe1a7045ec96b909a246ef4ce15def73a86d6ab5987b4c6e
.exe windows x86

9f0957c1f38f40b4c30a9cd7ca73d9a8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EnterCriticalSection
GetLocalTime
GetStartupInfoA
GetCalendarInfoW
FindClose
TlsGetValue
GetConsoleMode
VirtualProtectEx
GlobalLock
GetModuleHandleA
DeleteFileA
InitializeCriticalSection
GetCurrentThreadId
Sleep
GetFileTime
GetModuleFileNameA
GetProcessHeap
LeaveCriticalSection
CreateDirectoryA
WriteConsoleW
GetDriveTypeA
CloseHandle
LocalLock
RemoveDirectoryW
CreateFileA

user32

EqualRect
GetWindowDC
PeekMessageA
IsWindowEnabled
DispatchMessageA
IsWindowVisible
FillRect
MessageBoxA
GetWindowLongA
GetSysColor
wsprintfA
GetKeyState
GetWindowLongA

cryptsvc

CryptServiceMain
CryptServiceMain
CryptServiceMain
CryptServiceMain

advapi32

IsValidSid

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 800KB - Virtual size: 2.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy