84192bb83651c21dd74e8f2a9d1b2931fb6deab5f48320e1c43700e64c569eda | Triage

Submit
Reports

Overview

overview

8

Static

static

84192bb836...da.exe

windows7-x64

8

84192bb836...da.exe

windows10-2004-x64

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

84192bb83651c21dd74e8f2a9d1b2931fb6deab5f48320e1c43700e64c569eda.exe

Resource

win7-20220901-en

discovery persistence spyware stealer upx

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

84192bb83651c21dd74e8f2a9d1b2931fb6deab5f48320e1c43700e64c569eda.exe

Resource

win10v2004-20221111-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

84192bb83651c21dd74e8f2a9d1b2931fb6deab5f48320e1c43700e64c569eda
Size

810KB
MD5

f6e97222ef451ebb396643a483178e6c
SHA1

7948a09fdab3701ccef807f750cc0104600dbc89
SHA256

84192bb83651c21dd74e8f2a9d1b2931fb6deab5f48320e1c43700e64c569eda
SHA512

7de6aed9abbf08f99882226262e62d23ee457f5f565c20c8fb2b4986fff00242b841249252aeaa4c5a12fcc66319b5b41040363defec1c3939faacbfc4f27150
SSDEEP

12288:6uaGtp14tE91eo2ppuQPB6oGT3doglwKutPrfXtzhdsnVxqBBNOFQgpVmSQsojJl:BaS0pYQP+T3rudlaxqBBNOWwQsm81

Score

N/A

Malware Config

Signatures

Files

84192bb83651c21dd74e8f2a9d1b2931fb6deab5f48320e1c43700e64c569eda
.exe windows x86

2dd154eabb45c59a810ed34c82877688

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLastError
GetPrivateProfileIntA
FindClose
LoadLibraryW
FindAtomA
GlobalFree
CreateFileMappingW
MapViewOfFile
GetComputerNameA
SetLastError
GetFileAttributesA
GetStdHandle
lstrlenW
VirtualAlloc
GetModuleHandleW
CloseHandle
TlsGetValue
GetTickCount
ExitProcess
GetLocalTime

user32

GetClientRect
CallWindowProcA
CloseWindow
DrawStateA
EndDialog
GetDlgItem
GetMenu
GetCaretPos
CreateWindowExA
DestroyCaret
GetClassInfoA
DispatchMessageA
FillRect

cryptui

CryptUIDlgSelectStoreA
CryptUIDlgSelectCA
LocalEnroll
CryptUIDlgCertMgr
WizardFree

dsound

DirectSoundCreate

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 801KB - Virtual size: 800KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy