8d9e64e25fda112ed83f34a12ae795c5b4e5c820dd6cbdf64cd19b59999dc4ec | Triage

Submit
Reports

Overview

overview

Static

static

8d9e64e25f...ec.exe

windows7-x64

8d9e64e25f...ec.exe

windows10-2004-x64

3

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

8d9e64e25fda112ed83f34a12ae795c5b4e5c820dd6cbdf64cd19b59999dc4ec.exe

Resource

win7-20220901-en

persistence spyware stealer upx

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

8d9e64e25fda112ed83f34a12ae795c5b4e5c820dd6cbdf64cd19b59999dc4ec.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

8d9e64e25fda112ed83f34a12ae795c5b4e5c820dd6cbdf64cd19b59999dc4ec
Size

177KB
MD5

3a8f12b1ff49d955726d07b1f61ae45d
SHA1

6a7ad4009ca314c95978245d945108b6843627cc
SHA256

8d9e64e25fda112ed83f34a12ae795c5b4e5c820dd6cbdf64cd19b59999dc4ec
SHA512

b8c998515bbe63382343d5f02ea6422714da108970682bc03c8a934a29b450a0fab0d73cf735a9dec5fbd64626988773f609f0d83b024ae25303f59eaf646f95
SSDEEP

3072:mMUNYUYRdZcw4TBQ8iwREthGiuFrrSSygvtpiC+/P+Etfe1xi8pGqQtjxy5B:oYRAwE28iyEthJuSSygvt5+H+Etfe1dF

Score

N/A

Malware Config

Signatures

Files

8d9e64e25fda112ed83f34a12ae795c5b4e5c820dd6cbdf64cd19b59999dc4ec
.exe windows x86

2ec6a82f6c7b4beee855f00bf570a084

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

SelectObject
GetTextMetricsA
GetTextExtentPointA
GetDeviceCaps
DeleteObject
CreateFontIndirectA

kernel32

GetOEMCP
GetCPInfoExA
GetCPInfo
TlsSetValue
LeaveCriticalSection
lstrlenW
SetHandleCount
WideCharToMultiByte
DeleteCriticalSection
TlsGetValue
GetACP
GetLocaleInfoA
HeapSize
GetLastError
GetTickCount
EnumResourceTypesA
EnterCriticalSection
GetVersionExA
FreeEnvironmentStringsW
GetThreadLocale
GetEnvironmentStringsW
WriteFile
InterlockedIncrement
GetStdHandle
LoadLibraryW
GetStartupInfoA
InitializeCriticalSection
UnhandledExceptionFilter
QueryPerformanceCounter
FreeEnvironmentStringsA
GetEnvironmentStrings
InterlockedExchange
RaiseException
MultiByteToWideChar
GetFileType
GetCurrentProcessId

msimg32

AlphaBlend
TransparentBlt

ole32

CoGetMalloc
CoTaskMemFree
CoTaskMemAlloc
CoCreateInstance
StringFromGUID2
CoTaskMemRealloc

Sections

.text
Size: 104KB - Virtual size: 103KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tls
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 70KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 256KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy