bd20be20043e2dc968e010a2fc1a7e079c43bd9c54ecdbd844a5e3fa9b8f3ae0 | Triage

Submit
Reports

Overview

overview

8

Static

static

bd20be2004...e0.exe

windows7-x64

8

bd20be2004...e0.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

bd20be20043e2dc968e010a2fc1a7e079c43bd9c54ecdbd844a5e3fa9b8f3ae0.exe

Resource

win7-20220812-en

discovery persistence spyware stealer upx

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

bd20be20043e2dc968e010a2fc1a7e079c43bd9c54ecdbd844a5e3fa9b8f3ae0.exe

Resource

win10v2004-20221111-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

bd20be20043e2dc968e010a2fc1a7e079c43bd9c54ecdbd844a5e3fa9b8f3ae0
Size

801KB
MD5

5bc11559e8b408070c5270b13925e537
SHA1

db3760c957df0c4e981d2f7db12d578e6bc2c166
SHA256

bd20be20043e2dc968e010a2fc1a7e079c43bd9c54ecdbd844a5e3fa9b8f3ae0
SHA512

1bcef28271ae394ff860dd4e57dbda3b6fee41f5b57899b65bf85270a306f6cbbaa778f22bc0f880a39aea6183e6ab36488369973d53e5d6890d6fce89495279
SSDEEP

12288:b47N5YB/F+LBMlZf9snT7+SEI+SgeF58qlo970eWH/IPkptROy+WI8Qd9u:J/4d4sT73iT68HqHwic78T

Score

N/A

Malware Config

Signatures

Files

bd20be20043e2dc968e010a2fc1a7e079c43bd9c54ecdbd844a5e3fa9b8f3ae0
.exe windows x86

3476398f6e78df970d40b0515c6ee7a2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetFileAttributesA
TlsGetValue
HeapDestroy
GetPrivateProfileIntW
VirtualProtectEx
GetStringTypeA
GetDriveTypeA
lstrlenA
GetTickCount
CancelIo
DeviceIoControl
LoadLibraryA
DeleteFileA
ClearCommBreak
CreateEventW
HeapFree
GetCurrentProcess
GetPrivateProfileSectionA
OpenMutexA
FindVolumeClose
DeviceIoControl

uxtheme

GetThemeBool
SetWindowTheme
DrawThemeBackground
GetThemeColor
IsThemeActive
CloseThemeData
GetThemeSysSize
DrawThemeEdge
GetThemeTextExtent
GetThemeTextMetrics
CloseThemeData
OpenThemeData
GetWindowTheme

odbccp32

SQLGetAvailableDrivers
SQLConfigDataSource
SQLInstallDriver
SQLInstallODBC

msasn1

ASN1BERDecBool

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1.4MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 794KB - Virtual size: 794KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.orpc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy