9871f7115ca73456d919acced34c3e9049f0dff21ca6c85285ffc914b6190d13 | Triage

Submit
Reports

Overview

overview

Static

static

9871f7115c...13.exe

windows7-x64

9871f7115c...13.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

9871f7115ca73456d919acced34c3e9049f0dff21ca6c85285ffc914b6190d13.exe

Resource

win7-20221111-en

persistence spyware stealer upx

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

9871f7115ca73456d919acced34c3e9049f0dff21ca6c85285ffc914b6190d13.exe

Resource

win10v2004-20221111-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

9871f7115ca73456d919acced34c3e9049f0dff21ca6c85285ffc914b6190d13
Size

160KB
MD5

2fba560af0e9bac28441909acf275690
SHA1

146562fe0d376a4d4b70a885eb50d5cd93a37e8a
SHA256

9871f7115ca73456d919acced34c3e9049f0dff21ca6c85285ffc914b6190d13
SHA512

1905bbc6c9a5e29102f0b1c4e6163422651239cf2c7bfad5ba4ce212f8aab07013018a698914e88d74880381986ea645299cecb11e6453df48ed5a53e3085513
SSDEEP

3072:sq9BGwo0hhFIU7dVXMqS+H/U2LxDleCR5dpaB1AwdRkq4JAC4WCPoDt:1C0hhBdBMh+M2neCRS1Ack6PoB

Score

N/A

Malware Config

Signatures

Files

9871f7115ca73456d919acced34c3e9049f0dff21ca6c85285ffc914b6190d13
.exe windows x86

739cac25d01d24169d006e02cee9f5b1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

wtsapi32

WTSUnRegisterSessionNotification
WTSFreeMemory
WTSEnumerateSessionsW
WTSQuerySessionInformationW
WTSRegisterSessionNotification

oleacc

LresultFromObject
AccessibleObjectFromEvent

kernel32

GetEnvironmentVariableA
LoadLibraryExW
CreateFileW
HeapSize
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InterlockedExchange
HeapFree
RaiseException
GetCurrentProcessId
GetTickCount
HeapFree
GetLocaleInfoA
IsDebuggerPresent
WriteFile
GetStdHandle
MultiByteToWideChar
lstrlenW
Sleep
GetCurrentThreadId
lstrlenA
GetModuleHandleA
SystemTimeToFileTime
TerminateProcess
LocalAlloc
EnumResourceTypesW
GetProcessHeap
GetStartupInfoA
LoadLibraryW
GetACP
GetSystemTimeAsFileTime
HeapReAlloc
GetSystemTime
CompareFileTime
HeapDestroy
InterlockedCompareExchange
HeapAlloc
WideCharToMultiByte
CloseHandle
QueryPerformanceCounter
GetCurrentProcess
CreateProcessA
GetThreadLocale
lstrcpynW

Sections

.text
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 409KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 117KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy