1a2f1be6cf5bb686d0ae40d996433c0aa1408ea0941469c5b2c851e1e4fd23ee | Triage

Submit
Reports

Overview

overview

8

Static

static

1a2f1be6cf...ee.exe

windows7-x64

8

1a2f1be6cf...ee.exe

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

1a2f1be6cf5bb686d0ae40d996433c0aa1408ea0941469c5b2c851e1e4fd23ee.exe

Resource

win7-20221111-en

persistence spyware stealer

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

1a2f1be6cf5bb686d0ae40d996433c0aa1408ea0941469c5b2c851e1e4fd23ee.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

1a2f1be6cf5bb686d0ae40d996433c0aa1408ea0941469c5b2c851e1e4fd23ee
Size

289KB
MD5

14f703eac625f787521daa6229593fa3
SHA1

42b490c5f7f2b50bebbef41b4be0b04b6a327e23
SHA256

1a2f1be6cf5bb686d0ae40d996433c0aa1408ea0941469c5b2c851e1e4fd23ee
SHA512

48da40c592342b46666b29c687f5851f845784a14c90d62db0f158e00843330f7aa809b6b57c5ca381c81df5e106bcdd60523cdd5867b59fd9b6363d962f850c
SSDEEP

6144:yh3CSR1Q6LvgEknaG9CWxYEx0+K8ALwATcu3UZ4/+d5W9:yxRybx6+ZRATj3p/r

Score

N/A

Malware Config

Signatures

Files

1a2f1be6cf5bb686d0ae40d996433c0aa1408ea0941469c5b2c851e1e4fd23ee
.exe windows x86

1a184f33624194ad8185f04727ea2c79

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntdll

NtUnmapViewOfSection

ws2_32

inet_ntoa
WSAStartup
inet_addr
WSAConnect
htons
WSACleanup
recv
gethostbyname
send
WSASocketA

wininet

InternetGetConnectedState

kernel32

HeapAlloc
CloseHandle
HeapFree
WriteFile
CreateFileA
SetFilePointer
GetProcessHeap
ExitProcess
GetCommandLineA
GetStartupInfoA
GetModuleHandleA
DeleteFileA

user32

wvsprintfA

Sections

.text
Size: 96KB - Virtual size: 95KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 190KB - Virtual size: 190KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy