81677200a9e39058ab9e1c8c46080fc9127c085e8e9d50cd7be1001a2320910b | Triage

Submit
Reports

Overview

overview

Static

static

81677200a9...0b.exe

windows7-x64

81677200a9...0b.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

81677200a9e39058ab9e1c8c46080fc9127c085e8e9d50cd7be1001a2320910b.exe

Resource

win7-20220812-en

persistence spyware stealer upx

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

81677200a9e39058ab9e1c8c46080fc9127c085e8e9d50cd7be1001a2320910b.exe

Resource

win10v2004-20220812-en

persistence spyware stealer upx

windows10-2004-x64

4 signatures

150 seconds

General

Target

81677200a9e39058ab9e1c8c46080fc9127c085e8e9d50cd7be1001a2320910b
Size

170KB
MD5

a2cd7f119759465b3564693e07892929
SHA1

2a66e6afebccedb2a38584df99bd725136f22cb2
SHA256

81677200a9e39058ab9e1c8c46080fc9127c085e8e9d50cd7be1001a2320910b
SHA512

df5cfe8befa2e83eedba7ccd71cbca9b53347302e824c8838dc437eeac1a5d5816edce2140316fc721e181d87dec6083319da114ac1c1cabe1385cdbd0751124
SSDEEP

3072:PJREIs4cTAnWZWiNHY0wK+iY+orHFXCeSorh9O4TCTHMIi2HLhJ65BzrriSpywwO:ds4cTAWZ60h+ivobMu9tTfT2rhJ6balP

Score

N/A

Malware Config

Signatures

Files

81677200a9e39058ab9e1c8c46080fc9127c085e8e9d50cd7be1001a2320910b
.exe windows x86

cbeac9bd4f127607944a8c47141ece4e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetConsoleOutputCP
GlobalGetAtomNameA
SetFilePointer
GetTimeFormatA
TlsGetValue
GetDateFormatA
GetLocaleInfoA
MultiByteToWideChar
TlsAlloc
HeapReAlloc
GetCPInfo
RtlUnwind
EnumResourceTypesW
VirtualAlloc
GetUserGeoID
WriteConsoleA
GetACP
HeapSize
SetStdHandle
TlsSetValue
GetOEMCP
IsValidCodePage
RaiseException

rpcrt4

RpcStringFreeA

shell32

SHGetUnreadMailCountW
DragAcceptFiles
SHBrowseForFolderA
ShellExecuteExA
SHGetFileInfoA
SHGetPathFromIDListA
SHAppBarMessage
Shell_NotifyIconA

user32

GetDesktopWindow
PeekMessageA
CharNextA
MessageBoxA
DispatchMessageW
LoadStringA
DispatchMessageA
wsprintfA

Sections

.text
Size: 81KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 86KB - Virtual size: 478KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy