e49fd3474946968b5c697891ae8a2eb00c6c87d0fee9048b81273d33f85ff3e4 | Triage

Submit
Reports

Overview

overview

Static

static

e49fd34749...e4.exe

windows7-x64

e49fd34749...e4.exe

windows10-2004-x64

3

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

e49fd3474946968b5c697891ae8a2eb00c6c87d0fee9048b81273d33f85ff3e4.exe

Resource

win7-20221111-en

persistence spyware stealer upx

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

e49fd3474946968b5c697891ae8a2eb00c6c87d0fee9048b81273d33f85ff3e4.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

e49fd3474946968b5c697891ae8a2eb00c6c87d0fee9048b81273d33f85ff3e4
Size

171KB
MD5

1ca9aaa6c78d20cf0592510dc837d40c
SHA1

6176b455acfd00047cd34d29555328ef12f4f131
SHA256

e49fd3474946968b5c697891ae8a2eb00c6c87d0fee9048b81273d33f85ff3e4
SHA512

1eed7bfa0c28f5a36c14d6381c7e47554e8a1f30d0f16f9b59b4db4d50e82f831ab68a4bed0edba2cc60ad9587c5f9375e4fb542b2eaf6dd22f833968cb3de03
SSDEEP

3072:m9d5TIvK/NiaNJMzTSQiQ00E3TP7DOVg6KDvgCEV+MqVOqMTMSQ:m9d5EvK/caN1Q1nE3DvTg5HqUTMSQ

Score

N/A

Malware Config

Signatures

Files

e49fd3474946968b5c697891ae8a2eb00c6c87d0fee9048b81273d33f85ff3e4
.exe windows x86

caf43b17ef80133d43646e25586ce55a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

FindFirstFileW
ConvertFiberToThread
SystemTimeToFileTime
FileTimeToSystemTime
GetLocalTime
SetErrorMode
SetThreadPriority
FreeLibrary
SetCurrentDirectoryW
FindNextFileW
EnumResourceNamesW
FindClose
LoadResource
GetStringTypeW
SetEnvironmentVariableW
RegisterWaitForSingleObject
FileTimeToLocalFileTime
GetShortPathNameW
FindResourceW
CompareStringA
LocalFileTimeToFileTime
SearchPathW

user32

InvalidateRgn
GetCapture
SetCapture
ExcludeUpdateRgn
ValidateRect
ValidateRgn
ReleaseCapture
RealGetWindowClassA
GetUpdateRgn

Sections

.text
Size: 116KB - Virtual size: 115KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 940B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imul
Size: 1024B - Virtual size: 248KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy