4b3ff091435d453523d4be149a0ea9ffcc0bcc9aceb4e6c108d94d3d868f6109 | Triage

Submit
Reports

Overview

overview

8

Static

static

4b3ff09143...09.exe

windows7-x64

8

4b3ff09143...09.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

4b3ff091435d453523d4be149a0ea9ffcc0bcc9aceb4e6c108d94d3d868f6109.exe

Resource

win7-20220901-en

spyware stealer upx

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral2

Sample

4b3ff091435d453523d4be149a0ea9ffcc0bcc9aceb4e6c108d94d3d868f6109.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

4b3ff091435d453523d4be149a0ea9ffcc0bcc9aceb4e6c108d94d3d868f6109
Size

312KB
MD5

0e937e7a8e2e4513c57c4221f2bddb92
SHA1

4ecefca046ed902ebefda6f2362d1eaafe025dcd
SHA256

4b3ff091435d453523d4be149a0ea9ffcc0bcc9aceb4e6c108d94d3d868f6109
SHA512

3c10608a8e171df13ca28ba4ca89119478f34561e956e3dc455088c14ed228e7467f2c9b3b5ca386b55b1863c7cdcf8aeceede3126380889cb8153e903c5e539
SSDEEP

3072:+UyhBnIWy0FbbWnjUR7nhrYE9SpQ56Nb5tHInWuSBHje/XWnmTDtH3WXBjZ+7uWU:+UjWjyn2rYE9SpQ+HIn0jefa6ptKY

Score

N/A

Malware Config

Signatures

Files

4b3ff091435d453523d4be149a0ea9ffcc0bcc9aceb4e6c108d94d3d868f6109
.exe windows x86

25d5a16ffed4d692bab95c2554413b6d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegEnumKeyExW
RegCreateKeyW
RegCloseKey
RegDeleteKeyW
RegSetValueExW
RegQueryValueExW
RegOpenKeyExW
RegSetValueW

user32

SetCursor
SetRectEmpty
AdjustWindowRectEx
GetWindowPlacement
GetClientRect
InvalidateRect
PostMessageW
FillRect

kernel32

UnhandledExceptionFilter
GetLongPathNameW
LoadLibraryW
SetThreadContext
CloseHandle
GetLastError
EnumResourceTypesW
GetCurrentProcessId
GlobalFree
ExitProcess
GetCurrentThreadId
GetModuleHandleW
GetProcAddress
CreateFileW
GetVersionExW

msvfw32

ICSendMessage
ICClose
ICOpen
ICDecompress

Sections

.text
Size: 106KB - Virtual size: 106KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 116KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy