873e17cb3e44a5cd0bafaf16561b96605aa81f511977592e4f47f18c53b0e5e8 | Triage

Submit
Reports

Overview

overview

8

Static

static

873e17cb3e...e8.exe

windows7-x64

8

873e17cb3e...e8.exe

windows10-2004-x64

8

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

873e17cb3e44a5cd0bafaf16561b96605aa81f511977592e4f47f18c53b0e5e8.exe

Resource

win7-20221111-en

spyware stealer upx

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral2

Sample

873e17cb3e44a5cd0bafaf16561b96605aa81f511977592e4f47f18c53b0e5e8.exe

Resource

win10v2004-20220901-en

spyware stealer upx

windows10-2004-x64

3 signatures

150 seconds

General

Target

873e17cb3e44a5cd0bafaf16561b96605aa81f511977592e4f47f18c53b0e5e8
Size

187KB
MD5

5e96d7379616881d5c7be40f8763c162
SHA1

3e7f1d0562e56ccaf52d69aa2112985121f9806e
SHA256

873e17cb3e44a5cd0bafaf16561b96605aa81f511977592e4f47f18c53b0e5e8
SHA512

e893e4f87198d3329e3fd00772df5c5b4fe5d40d2e34f62d761d1dd81ff1d539d0a2a9fa2254f6564e84787a1dd62e2b6b0a15c4d0e1ed3c975bbb5dcf2e06fc
SSDEEP

3072:v1xMCqMqBmURLd8y/Ra3cEawm/0PbyavuMoMt0kgJpgs4wJvPZ0aCG1n7nF:v1nqPBZLfocL/0DuMoMtRspr4wJvPZ0I

Score

N/A

Malware Config

Signatures

Files

873e17cb3e44a5cd0bafaf16561b96605aa81f511977592e4f47f18c53b0e5e8
.exe windows x86

d34344388c33c3956f080fe19be38bf6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalGetAtomNameA
GetLocaleInfoA
HeapSize
TlsAlloc
GetConsoleOutputCP
TlsSetValue
GetTimeFormatA
IsValidCodePage
RtlUnwind
WriteConsoleA
EnumResourceNamesA
SetFilePointer
GetOEMCP
HeapReAlloc
SetStdHandle
CreateHardLinkA
TlsGetValue
GetCPInfo
MultiByteToWideChar
GetDateFormatA
VirtualAlloc
GetACP
RaiseException

user32

LoadStringA
DispatchMessageA
DispatchMessageW
GetDesktopWindow
MessageBoxA
PeekMessageA
CharNextA
wsprintfA

shell32

SHGetFolderLocation
SHGetPathFromIDListA
ShellExecuteExA
ShellExecuteA
SHGetSpecialFolderLocation
SHAppBarMessage
SHGetFileInfoA
SHGetDesktopFolder
DragAcceptFiles
SHBrowseForFolderA
SHGetMalloc
Shell_NotifyIconA

rpcrt4

RpcStringFreeA

Sections

.text
Size: 91KB - Virtual size: 230KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 93KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy