8b490626d3441c7bf4ed8a805d124d84e709cd10a9ff38efcb2114d4b02cddd5 | Triage

Submit
Reports

Overview

overview

Static

static

8b490626d3...d5.exe

windows7-x64

8b490626d3...d5.exe

windows10-2004-x64

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

8b490626d3441c7bf4ed8a805d124d84e709cd10a9ff38efcb2114d4b02cddd5.exe

Resource

win7-20220812-en

persistence spyware stealer upx

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

8b490626d3441c7bf4ed8a805d124d84e709cd10a9ff38efcb2114d4b02cddd5.exe

Resource

win10v2004-20220812-en

persistence spyware stealer upx

windows10-2004-x64

4 signatures

150 seconds

General

Target

8b490626d3441c7bf4ed8a805d124d84e709cd10a9ff38efcb2114d4b02cddd5
Size

168KB
MD5

ccf7168d642875dc8235a0d7f4da973e
SHA1

49753a74eba6e370b1ea9c5c88bdf1c0c090edbd
SHA256

8b490626d3441c7bf4ed8a805d124d84e709cd10a9ff38efcb2114d4b02cddd5
SHA512

e3ad09e0e4bb15badd0a786b9ec72b92d572c4e1a07a8af1a9f19efe102fc5a41529bcff990540f3edf91bf1be8c616527952f5218e71e1ebcf00ee6826ac376
SSDEEP

3072:AIFQiNdaX1FXDxGNr3R4Nysxia4SnMyhUOn1ZjhA1gvxfQ5mg7kEJgQM:A01daFZMNl4NbityH1Zj9x44ckEL

Score

N/A

Malware Config

Signatures

Files

8b490626d3441c7bf4ed8a805d124d84e709cd10a9ff38efcb2114d4b02cddd5
.exe windows x86

e8382aad6437d4d7e264dd1283b77a83

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_AGGRESIVE_WS_TRIM
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetFullPathNameA
GetCPInfo
GlobalFindAtomA
GetDiskFreeSpaceA
IsBadCodePtr
GetFileAttributesA
LCMapStringA
SetUnhandledExceptionFilter
GetThreadLocale
FlushFileBuffers
LCMapStringW
GetStringTypeW
IsBadReadPtr
SetFilePointer
VirtualProtect
EnumResourceNamesW
GetOEMCP
SetStdHandle
WriteFile
GetStringTypeA
GetStringTypeExA
CreateFileA
FreeEnvironmentStringsA
ReadFile
GetEnvironmentStringsW
UnhandledExceptionFilter
FindFirstFileA
WideCharToMultiByte
GetEnvironmentStrings
FreeEnvironmentStringsW
MulDiv

rpcrt4

RpcStringFreeA

shlwapi

SHGetInverseCMAP
PathAppendA
PathIsFileSpecA
PathIsContentTypeA
SHCreateStreamOnFileEx
PathCreateFromUrlW

Sections

.text
Size: 84KB - Virtual size: 480KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 81KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy