f44c825793ae91bc0234a89523aec87110ec35c08c3f640f5f99aac546efe525 | Triage

Submit
Reports

Overview

overview

8

Static

static

f44c825793...25.exe

windows7-x64

8

f44c825793...25.exe

windows10-2004-x64

1

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

f44c825793ae91bc0234a89523aec87110ec35c08c3f640f5f99aac546efe525.exe

Resource

win7-20220812-en

discovery persistence spyware stealer upx

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

f44c825793ae91bc0234a89523aec87110ec35c08c3f640f5f99aac546efe525.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

f44c825793ae91bc0234a89523aec87110ec35c08c3f640f5f99aac546efe525
Size

800KB
MD5

4c80aed43b253f719893975bac2ee25b
SHA1

84dcd1f4da00c907c63621103e0b105e4d4c12c4
SHA256

f44c825793ae91bc0234a89523aec87110ec35c08c3f640f5f99aac546efe525
SHA512

9169898d9c793f711b6358f02a2103add38effbea77842af6888aceba1fd3fcc213acf943ebd441dde1c53826ba3287cd6eec3c3aaeaa59bfd45c9401b1705e5
SSDEEP

12288:EaFYru1hYyLOKCzoDi4NGMHM/mk0HmE0H7o9x049WWaH0d3rlvHxe9oNlwM2pf+Q:E4hYyLvxNLHMONJi7oQ49WexqMAGa

Score

N/A

Malware Config

Signatures

Files

f44c825793ae91bc0234a89523aec87110ec35c08c3f640f5f99aac546efe525
.exe windows x86

d340ff9ea75edacd710199f1ff4776a8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

HeapDestroy
SetLastError
TlsGetValue
GetProcessHeap
DeviceIoControl
GetDriveTypeA
HeapFree
LoadLibraryW
CreateEventW
DeviceIoControl
lstrlenA
GetCurrentThread
ClearCommBreak
GetPrivateProfileIntW
VirtualProtectEx
GetFileAttributesW
CreateMutexA
DeleteFileA
GetPrivateProfileSectionA
GetStringTypeW
ResumeThread

rasapi32

DwEnumEntryDetails
RasDialA
DwRasUninitialize
DwRasUninitialize
RasDialA
DwCloneEntry
DwCloneEntry
DwEnumEntryDetails
RasDeleteEntryA
DwRasUninitialize
RasDeleteEntryA
DwEnumEntryDetails
RasDialA

pdh

PdhGetLogFileSize
PdhCloseLog
PdhGetLogFileTypeA
PdhAddCounterA

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 1.4MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 794KB - Virtual size: 794KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.orpc
Size: 512B - Virtual size: 288B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy