d4fbaff7961b9aea911f3be177ac35f09faeab48f2da5cfbf84e097f8b57493f | Triage

Submit
Reports

Overview

overview

8

Static

static

d4fbaff796...3f.exe

windows7-x64

8

d4fbaff796...3f.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

d4fbaff7961b9aea911f3be177ac35f09faeab48f2da5cfbf84e097f8b57493f.exe

Resource

win7-20221111-en

spyware stealer upx

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

d4fbaff7961b9aea911f3be177ac35f09faeab48f2da5cfbf84e097f8b57493f.exe

Resource

win10v2004-20220812-en

spyware stealer upx

windows10-2004-x64

7 signatures

150 seconds

General

Target

d4fbaff7961b9aea911f3be177ac35f09faeab48f2da5cfbf84e097f8b57493f
Size

183KB
MD5

2d52a454a9b78db1509d62dea385d15c
SHA1

8dea2da0d3fa7e9ce1eff18e4798bddfdad2d57f
SHA256

d4fbaff7961b9aea911f3be177ac35f09faeab48f2da5cfbf84e097f8b57493f
SHA512

f4e7961b300eba29736d5fcfa94db009ebe5e7d360989720341a2f7da5f3b2ae4baa839e2ab82a2003e3dbc8c1d3582bef14b981ce0ef4148949265d4684720d
SSDEEP

3072:CzIITglntYsALBO6tBONx+LMG/kh8rhg1rUyaYVk8r68i/kRylgEe2O0:fIgHAM+BsrKFwrVLOf/NQ

Score

N/A

Malware Config

Signatures

Files

d4fbaff7961b9aea911f3be177ac35f09faeab48f2da5cfbf84e097f8b57493f
.exe windows x86

b9a8c64504015470eeb803fb73c5231b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

newdev

UpdateDriverForPlugAndPlayDevicesW

kernel32

GetVersionExA
AddAtomA
GetModuleHandleA
HeapFree
TlsSetValue
TlsGetValue
HeapAlloc
EnumResourceLanguagesW
GetProcAddress
GetPrivateProfileStructW
ExitProcess
TlsAlloc
FlushFileBuffers
GetProcessHeap
TlsFree

setupapi

CM_Get_Parent
CMP_WaitNoPendingInstallEvents
SetupDiGetDeviceRegistryPropertyW
CM_Get_DevNode_Status

comctl32

ImageList_DragLeave
ImageList_DragMove
ImageList_DragEnter

shell32

SHGetFolderPathW

shlwapi

StrCmpNIA
StrStrA

iphlpapi

GetIpAddrTable

Sections

.text
Size: 92KB - Virtual size: 236KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 88KB - Virtual size: 87KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy