d35a6ba4aa2af86779f6d8cc4f7fb0a28657652d41f54d72b4c8e7cae3031650 | Triage

Submit
Reports

Overview

overview

8

Static

static

d35a6ba4aa...50.exe

windows7-x64

8

d35a6ba4aa...50.exe

windows10-2004-x64

1

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

d35a6ba4aa2af86779f6d8cc4f7fb0a28657652d41f54d72b4c8e7cae3031650.exe

Resource

win7-20220812-en

discovery persistence spyware stealer upx

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

d35a6ba4aa2af86779f6d8cc4f7fb0a28657652d41f54d72b4c8e7cae3031650.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

d35a6ba4aa2af86779f6d8cc4f7fb0a28657652d41f54d72b4c8e7cae3031650
Size

830KB
MD5

f7d01c1376117fc56fcc793929729078
SHA1

8f5b062df1a4f1a7fc10eb1261d8344f0e94fb7c
SHA256

d35a6ba4aa2af86779f6d8cc4f7fb0a28657652d41f54d72b4c8e7cae3031650
SHA512

b8074574866d30cd0f8490f96a79d5da3e450234ac007026c1e301fbdde0fd180f35cee926952d6ccd36b7436cdbc47ac80403c74a3d646b63f6d5e9539472f9
SSDEEP

12288:GaVMAodhqJI5sC8NSDikDE8r/5XoUdK/7XPy+Nmw/jTDR9UA1jQa1:GdAodhSI5t8C75BUjRN9fDR9DjQa1

Score

N/A

Malware Config

Signatures

Files

d35a6ba4aa2af86779f6d8cc4f7fb0a28657652d41f54d72b4c8e7cae3031650
.exe windows x86

27a8348e7913f5fa16da19f0913d8c20

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetVolumePathNameA
GetShortPathNameW
HeapFree
SetVolumeLabelA
SetEnvironmentVariableA
GetVolumeInformationW
lstrcatW
CreateEventA
CreateMutexW
OpenEventW
WriteConsoleW
HeapCreate
LoadLibraryA
GetPrivateProfileIntW
SetStdHandle
GetStringTypeA
GetTickCount
lstrcpyA
GetCurrentProcess

aaclient

OpenKeyReader
LoadClientAdapter
OpenKeyReaderWriter
g_fnStartTransport

Sections

.text
Size: 23KB - Virtual size: 51KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.pdata
Size: 4KB - Virtual size: 2.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.odata
Size: 801KB - Virtual size: 801KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy