951366f3049d5404344219bac1a9122551669d0038b9fe8a309777ce71306900 | Triage

Submit
Reports

Overview

overview

8

Static

static

951366f304...00.exe

windows7-x64

8

951366f304...00.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

951366f3049d5404344219bac1a9122551669d0038b9fe8a309777ce71306900.exe

Resource

win7-20220901-en

discovery persistence spyware stealer upx

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

951366f3049d5404344219bac1a9122551669d0038b9fe8a309777ce71306900.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

2 signatures

150 seconds

General

Target

951366f3049d5404344219bac1a9122551669d0038b9fe8a309777ce71306900
Size

809KB
MD5

d29037beb0df8f322140cd8d9065e34c
SHA1

ab7ae9a030b67d69c54aad75d612f7cc8e0dfcb7
SHA256

951366f3049d5404344219bac1a9122551669d0038b9fe8a309777ce71306900
SHA512

70fdac759473dd45ba5a36d2bbd43d6b7f06744f4e7683c4be985dab260415f866bfed538655d26a0893df74df303ec4e2008451ef36782b43da22fe30e66d92
SSDEEP

12288:iodG0eBqYPlx7hxTQG6t60wZiDWkJMh6R7e2NIei+/IbgcyjO++G48vXyp3n:LdOqgx7hxv7LwRTVi+j1jYG48vip3n

Score

N/A

Malware Config

Signatures

Files

951366f3049d5404344219bac1a9122551669d0038b9fe8a309777ce71306900
.exe windows x86

31a18b1daa1aa3455574b38995da257e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReadConsoleW
GetFileSize
GetModuleFileNameA
DeleteFileA
GetStartupInfoA
GlobalFree
SetLastError
GetTickCount
EnterCriticalSection
RemoveDirectoryA
OpenSemaphoreW
lstrlenA
TlsGetValue
LoadLibraryA
OpenMutexA
GetEnvironmentStringsW
SetLastError
GetCommandLineA
Sleep
CreateDirectoryA
VirtualProtect
CreateDirectoryW
CreateFileA
CloseHandle
WriteConsoleW

user32

IsWindow
GetSysColor
DestroyMenu
DrawTextA
DispatchMessageA
DispatchMessageA
CallWindowProcA
PeekMessageA
GetWindowLongA
IsWindowEnabled
FindWindowW
SetFocus
GetClassInfoA

cmutil

??1CIniW@@QAE@XZ
??1CIniA@@QAE@XZ
??_FCIniW@@QAEXXZ
??_FCIniA@@QAEXXZ

advapi32

RegCloseKey

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 800KB - Virtual size: 2.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy