2aa6c61f0a9ac7dc387c3e603e84e051355907cfb014845b932a44206d916e49 | Triage

Submit
Reports

Overview

overview

8

Static

static

2aa6c61f0a...49.exe

windows7-x64

8

2aa6c61f0a...49.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

2aa6c61f0a9ac7dc387c3e603e84e051355907cfb014845b932a44206d916e49.exe

Resource

win7-20220901-en

discovery persistence

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

2aa6c61f0a9ac7dc387c3e603e84e051355907cfb014845b932a44206d916e49.exe

Resource

win10v2004-20220812-en

discovery persistence spyware stealer

windows10-2004-x64

14 signatures

150 seconds

General

Target

2aa6c61f0a9ac7dc387c3e603e84e051355907cfb014845b932a44206d916e49
Size

2.7MB
MD5

aa67e87044b673a9965f88bcb2052641
SHA1

882b308c58f66bf7c970245def366e6a8f8f451e
SHA256

2aa6c61f0a9ac7dc387c3e603e84e051355907cfb014845b932a44206d916e49
SHA512

5ba0b7d3bf721b195d61e5c5bd206fcc98af2312f84f6e4092b7dceae62a0bc01f81f9c23146f6844af0f64dc09463ba2dcb8d416fd0754b07a6896bdae19755
SSDEEP

49152:n48j7DHC6ItCgGTO2Jckc9kJtMrOJKkt8TDGersrZ2Y2QhFn+TZdKgklJ6VSr:4mHC6PgT+onr1ktUD14tT2snYXKgkl8g

Score

N/A

Malware Config

Signatures

Files

2aa6c61f0a9ac7dc387c3e603e84e051355907cfb014845b932a44206d916e49
.exe windows x86

25b4865dc23e96391e0e3f06eeaca43e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

GetLayout
CreateRectRgnIndirect
Rectangle
SetBkMode
ExtTextOutA
SetDIBColorTable
GetNearestPaletteIndex
SetBkColor

kernel32

EnumResourceNamesA
SetupComm
GetCommandLineW
GetLongPathNameW
CloseHandle
LocalFree
IsBadReadPtr
MoveFileW
ReleaseSemaphore
GetTickCount
GetFileSize
CreateSemaphoreW

shlwapi

PathFindExtensionA

user32

IsCharLowerW
PtInRect
GetLastInputInfo
SetMenuDefaultItem
CallWindowProcW
GetMenuCheckMarkDimensions
FrameRect
GetMenuStringW
MapVirtualKeyW
AttachThreadInput
GrayStringW
UnionRect
DestroyAcceleratorTable

comctl32

ImageList_LoadImageW
ImageList_Read
ImageList_AddMasked

Exports

Exports

?qkMJeSaZmytxQ@@YGPADMPAN@Z
?uNkshNY@@YGDHPAI@Z
?atIpbmShBOgpq@@YGPAHF@Z
?esiBohFgzwOjtn@@YGKHPAM@Z
?hyZfyGcBh@@YGFDG@Z

Sections

.itext
Size: 512B - Virtual size: 168B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 7.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2.7MB - Virtual size: 2.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy