abc2835f06cb1b09c0798547bfe0761ed813df7152fcdaf5cedb1a2187f7d1cb | Triage

Submit
Reports

Overview

overview

8

Static

static

abc2835f06...cb.exe

windows7-x64

8

abc2835f06...cb.exe

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

abc2835f06cb1b09c0798547bfe0761ed813df7152fcdaf5cedb1a2187f7d1cb.exe

Resource

win7-20220812-en

discovery persistence spyware stealer upx

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

abc2835f06cb1b09c0798547bfe0761ed813df7152fcdaf5cedb1a2187f7d1cb.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

abc2835f06cb1b09c0798547bfe0761ed813df7152fcdaf5cedb1a2187f7d1cb
Size

811KB
MD5

8b8754eb09dfbe7c42b76befa92fed32
SHA1

6ffe30a27ed3d91e031044ce703941240212961c
SHA256

abc2835f06cb1b09c0798547bfe0761ed813df7152fcdaf5cedb1a2187f7d1cb
SHA512

019f7133adf453778e16460328418b0bbfc3930025cdac339d3e14a28d1fa28a927d032653caf8478c8a3ce3facd929245bfaaf3efeb3a8e1d04ee1fb7f1f5c0
SSDEEP

24576:AAsQxRINIXt0k9u65n+NCYcWuNZh9T6iCbV5OWokUN:ayeI9BuOmoWIT9+ieV5OSU

Score

N/A

Malware Config

Signatures

Files

abc2835f06cb1b09c0798547bfe0761ed813df7152fcdaf5cedb1a2187f7d1cb
.exe windows x86

5b7dd877bad8df451395dbac7c457e1e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Sleep
GetProcessHeap
CreateFileA
VirtualProtectEx
GetFileTime
CloseHandle
FindClose
InitializeCriticalSection
GetDriveTypeA
GetCalendarInfoW
GetStartupInfoA
GetLocalTime
GetCurrentThreadId
RemoveDirectoryA
LeaveCriticalSection
GetModuleHandleA
LocalLock
DeleteFileA
GetConsoleMode
CreateDirectoryA
GetModuleFileNameA
GlobalFree
TlsGetValue
EnterCriticalSection
WriteConsoleW

user32

IsWindowEnabled
MessageBoxA
GetWindowLongA
PeekMessageA
EqualRect
IsWindowVisible
GetKeyState
GetWindowDC
GetWindowLongA
GetSysColor
FillRect
DispatchMessageA
wsprintfA

cryptsvc

CryptServiceMain
CryptServiceMain
CryptServiceMain
CryptServiceMain

advapi32

IsValidSid

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 800KB - Virtual size: 2.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy