b22d678494fd0b8b89bb71651089ded885f6ca7c856b467193e9851279cbeca7 | Triage

Submit
Reports

Overview

overview

8

Static

static

b22d678494...a7.exe

windows7-x64

8

b22d678494...a7.exe

windows10-2004-x64

3

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

b22d678494fd0b8b89bb71651089ded885f6ca7c856b467193e9851279cbeca7.exe

Resource

win7-20221111-en

discovery persistence spyware stealer upx

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

b22d678494fd0b8b89bb71651089ded885f6ca7c856b467193e9851279cbeca7.exe

Resource

win10v2004-20221111-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

b22d678494fd0b8b89bb71651089ded885f6ca7c856b467193e9851279cbeca7
Size

798KB
MD5

edd26789e1cd0b1e9ed6f38e805a16ad
SHA1

c3b0ec07c7fd1715d95cd3ec87d64906371110d5
SHA256

b22d678494fd0b8b89bb71651089ded885f6ca7c856b467193e9851279cbeca7
SHA512

0e9ebaaf078b51d9dd96866f7c3472f769d210667d66499173558ffcabc3dda43b7ca0c1a24cbf5c6ea7aa071225468200f279a9f912200af7db61d641211f0a
SSDEEP

24576:E+HB9ABLujvXm6Eg4iwniWShc8nOPjGHcg:dBhjv2ua6C8nAGHf

Score

N/A

Malware Config

Signatures

Files

b22d678494fd0b8b89bb71651089ded885f6ca7c856b467193e9851279cbeca7
.exe windows x86

934116e850f3e5bff3f51e60f887b8b9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

CloseHandle
GetFileAttributesW
GetFileAttributesW
SetCommBreak
VirtualProtectEx
GetVersionExA
RemoveDirectoryW
CreateDirectoryW
SetLastError
LocalFlags
FindClose
GetPrivateProfileSectionA
GlobalLock
HeapFree
GetCurrentProcess
DeviceIoControl
GetCurrentThread
GetPrivateProfileIntA
GetModuleHandleA
GetStringTypeA
CreateEventA

user32

DispatchMessageA
LoadCursorW
PostMessageW
wsprintfW
PeekMessageW
InsertMenuA
SetCursorPos
IsWindow
IsDialogMessageA
IsZoomed
SetFocus
GetWindowLongW
GetWindowTextW

netshell

DllCanUnloadNow
DllGetClassObject
HrCreateDesktopIcon
DllRegisterServer

uxtheme

CloseThemeData

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 11KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 692KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 789KB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.import
Size: 512B - Virtual size: 396B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy