3601bb3b7cc74ff15abaa9c09e20d4b55b293788ff40d904d1fae4c03af2f699 | Triage

Submit
Reports

Overview

overview

8

Static

static

3601bb3b7c...99.exe

windows7-x64

8

3601bb3b7c...99.exe

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

3601bb3b7cc74ff15abaa9c09e20d4b55b293788ff40d904d1fae4c03af2f699.exe

Resource

win7-20220812-en

discovery persistence spyware stealer upx

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

3601bb3b7cc74ff15abaa9c09e20d4b55b293788ff40d904d1fae4c03af2f699.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

3601bb3b7cc74ff15abaa9c09e20d4b55b293788ff40d904d1fae4c03af2f699
Size

798KB
MD5

534877f6d399c6fa35b06d3e1d1a61a0
SHA1

0895e124c32a9cd58f3734532cab14aa9e673b03
SHA256

3601bb3b7cc74ff15abaa9c09e20d4b55b293788ff40d904d1fae4c03af2f699
SHA512

5704da7500cc0d0121ebc722e631a238a59762eb115c4617cd4fbce412461c4fe482880cf892b81a44df88a39a09386914e15780a6e38a9675e10b68b677cc10
SSDEEP

12288:AssonRw8Qm1IL+GxpEU+RvctumEBncCgV6+CbXaPIsFkCe+xjhKY0zepB07Y3eOn:/soR7IL+TUNacCgV6+Cm9OgsboY5Vs

Score

N/A

Malware Config

Signatures

Files

3601bb3b7cc74ff15abaa9c09e20d4b55b293788ff40d904d1fae4c03af2f699
.exe windows x86

42e1f203bdfd83deeef7a2d04e6a7b35

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleFileNameA
GetCurrentThreadId
CreateFileW
CreateDirectoryA
SetFilePointer
GetStdHandle
InterlockedExchange
LocalFlags
CreateFileW
SuspendThread
IsValidLocale
GetLocaleInfoA
GetTickCount
ResumeThread
LeaveCriticalSection
HeapDestroy
AddAtomW
GetFileAttributesW
lstrlenA
GetModuleHandleA
CreateMutexA
GetVersionExA
SetEvent
VirtualProtect
OpenEventW

user32

PeekMessageA
LoadCursorA
DestroyIcon
IsMenu
wsprintfA
GetWindowLongA
GetWindowTextA
DestroyMenu
DispatchMessageA
SetRect
GetWindowLongA
IsMenu
MessageBoxA

dplayx

DllGetClassObject
DllUnregisterServer
DllCanUnloadNow
DllRegisterServer

advapi32

IsValidAcl

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 756KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 10B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 793KB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy