46027fe305b69bab6fbfccf859100b58421e65e545a8cb6bc08060fda99a1532 | Triage

Submit
Reports

Overview

overview

8

Static

static

46027fe305...32.exe

windows7-x64

8

46027fe305...32.exe

windows10-2004-x64

1

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

46027fe305b69bab6fbfccf859100b58421e65e545a8cb6bc08060fda99a1532.exe

Resource

win7-20220812-en

discovery persistence spyware stealer upx

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

46027fe305b69bab6fbfccf859100b58421e65e545a8cb6bc08060fda99a1532.exe

Resource

win10v2004-20221111-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

46027fe305b69bab6fbfccf859100b58421e65e545a8cb6bc08060fda99a1532
Size

812KB
MD5

ea0f06b10b391e2fd3a125e1370dc66d
SHA1

c1ae4f4b75a738e8ce51a826c22a164ce3886831
SHA256

46027fe305b69bab6fbfccf859100b58421e65e545a8cb6bc08060fda99a1532
SHA512

ec33bac61f6b50f2686c8f2895b18221e82f433784b6e8667e1f02aa12d583144bfbabd2750bc3f9cb26dd75865865e4f5c75f0636c1b92b3b1147b2f83aa510
SSDEEP

24576:amJGgMbU0GlXQxpamjMBSZtCCh0LADb/Ksoo0aZ:a3gMlGlIpxjMsZHhQAn/Ksoo0o

Score

N/A

Malware Config

Signatures

Files

46027fe305b69bab6fbfccf859100b58421e65e545a8cb6bc08060fda99a1532
.exe windows x86

ba23133f264431c31a5581e2d34861f3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
HeapCreate
GetShortPathNameW
lstrcpyA
GetStringTypeA
LeaveCriticalSection
CreateMutexW
GetPrivateProfileIntW
GetCurrentProcess
EnterCriticalSection
SetCurrentDirectoryA
SetEnvironmentVariableA
SetVolumeLabelA
FoldStringA
SetStdHandle
GetTickCount
GetConsoleTitleA
DeleteFileA
GetVolumePathNameW

aaclient

LoadClientAdapter
g_fnStartTransport
OpenKeyReader
OpenKeyReaderWriter

Sections

.text
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gdata
Size: 1024B - Virtual size: 726B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.fdata
Size: 801KB - Virtual size: 3.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy