1249b13257700ff53fff4613326f6d2dc81be27198431559269a3daf99f2f324 | Triage

Submit
Reports

Overview

overview

8

Static

static

1249b13257...24.exe

windows7-x64

8

1249b13257...24.exe

windows10-2004-x64

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

1249b13257700ff53fff4613326f6d2dc81be27198431559269a3daf99f2f324.exe

Resource

win7-20221111-en

discovery persistence spyware stealer upx

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

1249b13257700ff53fff4613326f6d2dc81be27198431559269a3daf99f2f324.exe

Resource

win10v2004-20221111-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

1249b13257700ff53fff4613326f6d2dc81be27198431559269a3daf99f2f324
Size

810KB
MD5

48bccc4b387b9fa3771df965f2e7fb81
SHA1

51f33327ee46d9bc64a11b09ed31cfed1981989c
SHA256

1249b13257700ff53fff4613326f6d2dc81be27198431559269a3daf99f2f324
SHA512

e4806fe3547786fac972e02af74202fce439b8f83970aeda4760846730a8ac89989755f4352c18f5cb2a1f8e6ddfff937d078b03f87841b10779253c0d717461
SSDEEP

24576:cRBDRW1xzYJH2YJs88NrDD6F8iUaCHLHS9kBbAVoBf:cTDRRVC86rDDqUHLyWhAVoBf

Score

N/A

Malware Config

Signatures

Files

1249b13257700ff53fff4613326f6d2dc81be27198431559269a3daf99f2f324
.exe windows x86

95eb6918bd9b1ea7a894880cdf247f2f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

VirtualProtect
OpenMutexW
GetLogicalDriveStringsW
SetCurrentDirectoryW
GetLogicalDrives
GetLogicalDrives
GetFileAttributesA
GetModuleHandleA
GetStdHandle
CreateEventA
GetLogicalDrives
GetStringTypeA
GetTickCount
GetModuleHandleW
lstrcpyW
GetLogicalDrives

scecli

SceSetupGenerateTemplate
SceOpenPolicy
DeltaNotify
InitializeChangeNotify

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.ydata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_WRITE

.kdata
Size: 800KB - Virtual size: 2.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy