861507707edb8663b5cb3d66eb5df275862db71a0d8f17e07cdaac1a499d7257 | Triage

Submit
Reports

Overview

overview

8

Static

static

861507707e...57.exe

windows7-x64

8

861507707e...57.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

861507707edb8663b5cb3d66eb5df275862db71a0d8f17e07cdaac1a499d7257.exe

Resource

win7-20221111-en

discovery persistence spyware stealer upx

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

861507707edb8663b5cb3d66eb5df275862db71a0d8f17e07cdaac1a499d7257.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

861507707edb8663b5cb3d66eb5df275862db71a0d8f17e07cdaac1a499d7257
Size

822KB
MD5

6e59d51c4fc3db5a32bb8b16634c286a
SHA1

1269e5cbb05472778aa6620ef5165f6367839f2b
SHA256

861507707edb8663b5cb3d66eb5df275862db71a0d8f17e07cdaac1a499d7257
SHA512

2d11683b607b8f4d8408c62c9e5854f63fc445d365ee8b4f2b06e5fa06b9fdb50f4f5ea2e86ac4332cd7b8b801a57dbc19cc063b3ab2b98d22d646964ef5acc7
SSDEEP

24576:0zXWorSw0G7rFCEn3Cn/6LiS09/ltTKL:0zXAFG7ZCEG6J09/PTK

Score

N/A

Malware Config

Signatures

Files

861507707edb8663b5cb3d66eb5df275862db71a0d8f17e07cdaac1a499d7257
.exe windows x86

33e7b64dff7e7e78ee62e73b48c8cbbe

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ResumeThread
VirtualAlloc
InterlockedExchange
GetEnvironmentVariableA
GetExitCodeProcess
GetCommandLineA
GetModuleHandleW
GlobalSize
GetPrivateProfileIntW
CreateEventA
GetACP
GlobalFree
ResetEvent
lstrlenA
FindVolumeClose
WriteFile
LocalFree
CloseHandle
CreateMutexA
GetDriveTypeW

user32

GetKeyboardType
GetClassInfoA
DispatchMessageA
GetSysColor
GetSysColor
CallWindowProcW
GetCursorInfo
EndDialog
DrawStateW
GetClientRect
CreateWindowExA
IsWindow
SetFocus

avicap32

videoThunk32
videoThunk32
videoThunk32
AppCleanup
videoThunk32

sysdm.cpl

NoExecuteAddFileOptOutList

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 812KB - Virtual size: 812KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy