660a090443eb5008943b8782ea2ecc95def8f8bcc30f633dfbf4b389a4bf1ed5 | Triage

Submit
Reports

Overview

overview

Static

static

660a090443...d5.exe

windows7-x64

660a090443...d5.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

660a090443eb5008943b8782ea2ecc95def8f8bcc30f633dfbf4b389a4bf1ed5.exe

Resource

win7-20221111-en

discovery evasion persistence spyware stealer upx

windows7-x64

19 signatures

150 seconds

Behavioral task

behavioral2

Sample

660a090443eb5008943b8782ea2ecc95def8f8bcc30f633dfbf4b389a4bf1ed5.exe

Resource

win10v2004-20221111-en

discovery evasion persistence spyware stealer upx

windows10-2004-x64

21 signatures

150 seconds

General

Target

660a090443eb5008943b8782ea2ecc95def8f8bcc30f633dfbf4b389a4bf1ed5
Size

278KB
MD5

50057c1e03635307782b81fb1d51715f
SHA1

459c4cda064d35b4ffc00465afec373d2aa7087e
SHA256

660a090443eb5008943b8782ea2ecc95def8f8bcc30f633dfbf4b389a4bf1ed5
SHA512

8056fb4e431ba5ac540de2618e9f447ad2c6c792bd39c431bc1de264f11a8da2c819be4e6f4aa0e74317c0806d6ae09ea4db98eff154da9408224a1344c2f89f
SSDEEP

6144:4QdfbmSvKXGbwqCVjOn0WhaUh/FjXeEH+0GfaBKNiPfcQtkU4ASK/:pXWE7IO0QJXB+44YPfr4pK

Score

N/A

Malware Config

Signatures

Files

660a090443eb5008943b8782ea2ecc95def8f8bcc30f633dfbf4b389a4bf1ed5
.exe windows x86

91c40f25f7d5d16ba023861bcd55b996

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winspool.drv

OpenPrinterW
ClosePrinter
DocumentPropertiesW

ole32

CLSIDFromString
CoCreateInstance
CoTaskMemFree
StgCreateDocfile

kernel32

InterlockedExchange
GlobalAddAtomA
LoadLibraryExW
QueryPerformanceCounter
FindClose
GetTickCount
EnumResourceNamesW
Sleep
GetStartupInfoA
InterlockedCompareExchange
ExitProcess
FreeLibrary
SetUnhandledExceptionFilter
GetLongPathNameA
RtlUnwind
GetProcAddress

setupapi

CM_Get_Depth
CMP_WaitNoPendingInstallEvents
SetupDiGetDeviceRegistryPropertyW
CM_Get_DevNode_Status

comdlg32

ChooseFontA
GetOpenFileNameA

Sections

.text
Size: 139KB - Virtual size: 275KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 135KB - Virtual size: 135KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy