5810c122eab15102595866eef75741f6964fcf63364b306eac25c71f44db069a | Triage

Submit
Reports

Overview

overview

8

Static

static

5810c122ea...9a.exe

windows7-x64

8

5810c122ea...9a.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

5810c122eab15102595866eef75741f6964fcf63364b306eac25c71f44db069a.exe

Resource

win7-20221111-en

discovery persistence spyware stealer upx

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

5810c122eab15102595866eef75741f6964fcf63364b306eac25c71f44db069a.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

5810c122eab15102595866eef75741f6964fcf63364b306eac25c71f44db069a
Size

812KB
MD5

e5fbb62761285aee0cea33192fd9e6fc
SHA1

aa4cea692722002cbfa269893f55eb3b6885688e
SHA256

5810c122eab15102595866eef75741f6964fcf63364b306eac25c71f44db069a
SHA512

2f0bb063420898a6137d21d72a121df9612c186d27c4f15638ddb7d1802f8fefb5572bea975899ef1d4fd21fa10e6621a3657bcc46fe49896fdb5549c6f3c0b5
SSDEEP

24576:p7NNuNd8dVDGGK8urgyuifumjV4Kvnkjlcu3RWoUN:p54Nd83D1yuiGmj+zcAgN

Score

N/A

Malware Config

Signatures

Files

5810c122eab15102595866eef75741f6964fcf63364b306eac25c71f44db069a
.exe windows x86

ecbe026beebf4f2746c8e628d83be866

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileSize
VirtualProtect
CloseHandle
SetEvent
ReadConsoleW
GetEnvironmentStringsW
OpenSemaphoreW
GlobalFree
GetStartupInfoA
GetModuleFileNameA
RemoveDirectoryA
CreateDirectoryA
GetCommandLineA
LoadLibraryA
CreateDirectoryW
GetTickCount
lstrlenA
SetLastError
CreateFileA
SetLastError
WriteConsoleA
EnterCriticalSection
OpenMutexA
Sleep
DeleteFileA

user32

CallWindowProcA
GetSysColor
DestroyMenu
FindWindowA
DispatchMessageA
DispatchMessageA
PeekMessageA
GetWindowLongA
IsWindow
GetClassInfoA
IsZoomed
SetFocus
DrawTextA

cfgbkend

DllCanUnloadNow
DllRegisterServer
DllGetClassObject
DllUnregisterServer

advapi32

RegCloseKey

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 800KB - Virtual size: 2.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy