a517c35293d3ca75f9355145458b27060a18e6507d737606e91e089d63645e7a | Triage

Submit
Reports

Overview

overview

8

Static

static

a517c35293...7a.exe

windows7-x64

8

a517c35293...7a.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

a517c35293d3ca75f9355145458b27060a18e6507d737606e91e089d63645e7a.exe

Resource

win7-20220901-en

persistence spyware stealer upx

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

a517c35293d3ca75f9355145458b27060a18e6507d737606e91e089d63645e7a.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

a517c35293d3ca75f9355145458b27060a18e6507d737606e91e089d63645e7a
Size

167KB
MD5

08cb45ee58950d96319c64ae267bcbee
SHA1

19402611f8738e52c35448606ed2c45f418e246d
SHA256

a517c35293d3ca75f9355145458b27060a18e6507d737606e91e089d63645e7a
SHA512

73199f4b14b126de35f6dd9d207171cc366cb7f45878a4e0178760b1b2d3682fa2f7c9bcf8b34c9354fb4d8b5c82305dbf519638d16f2910f7772c3de96ebf8d
SSDEEP

3072:PkQlrF7pMA8a99m9vEAPzejrLltj3ZE2+W70NnhgrY+yraRhD9E/ArAKqGS27dvl:MQBF7p78a99xMqjrL/3ZE1nJ+3RaKq4P

Score

N/A

Malware Config

Signatures

Files

a517c35293d3ca75f9355145458b27060a18e6507d737606e91e089d63645e7a
.exe windows x86

783b8f55887f639c8552ca23f9264e5f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msimg32

AlphaBlend
TransparentBlt

gdi32

GetTextMetricsA
GetDeviceCaps
GetTextExtentPointA
DeleteObject
SelectObject
CreateFontIndirectA

ole32

CoGetMalloc
CoCreateInstance
CoTaskMemFree
CoTaskMemAlloc
StringFromGUID2
CoTaskMemRealloc

kernel32

WriteFile
GetVersionExA
InitializeCriticalSection
GetCPInfo
GetCPInfoExW
GetStartupInfoA
GetEnvironmentStringsW
WideCharToMultiByte
SetHandleCount
TlsSetValue
DeleteCriticalSection
GetEnvironmentStrings
GetACP
UnhandledExceptionFilter
GetFileType
RaiseException
EnumResourceTypesA
FreeEnvironmentStringsA
GetTickCount
FreeEnvironmentStringsW
GetOEMCP
InterlockedIncrement
InterlockedExchange
lstrlenW
GetLocaleInfoA
EnterCriticalSection
GetCommandLineW
GetStdHandle
GetThreadLocale
MultiByteToWideChar
QueryPerformanceCounter
TlsGetValue
HeapSize
GetLastError
LeaveCriticalSection
GetCurrentProcessId

Sections

.text
Size: 98KB - Virtual size: 98KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tls
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 65KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy