7c5020981d37ca761fd8a74cd77f309a1ec0ac64fb72b9eada2ec05095b8d043 | Triage

Submit
Reports

Overview

overview

8

Static

static

7c5020981d...43.exe

windows7-x64

8

7c5020981d...43.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

7c5020981d37ca761fd8a74cd77f309a1ec0ac64fb72b9eada2ec05095b8d043.exe

Resource

win7-20220812-en

discovery persistence spyware stealer upx

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

7c5020981d37ca761fd8a74cd77f309a1ec0ac64fb72b9eada2ec05095b8d043.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

2 signatures

150 seconds

General

Target

7c5020981d37ca761fd8a74cd77f309a1ec0ac64fb72b9eada2ec05095b8d043
Size

810KB
MD5

d21b8628e576ce3c011b4f21e3446e83
SHA1

58485fd883426b45e8e0befbb502c8dfd3ce1785
SHA256

7c5020981d37ca761fd8a74cd77f309a1ec0ac64fb72b9eada2ec05095b8d043
SHA512

effa4012b35e35ef0d8d9ff6abb4d5833bbd02d0b81d22d1b13d78e224c17fff8cc6d2cd6af9dfa7e79c601adc0c504e6a90fecf520728880ce531d6a99bbe8b
SSDEEP

24576:h22KE/r6hTek7Ibs9aGDhHmJeRe02rBUX:h+IrYTTraGDhGwReLSX

Score

N/A

Malware Config

Signatures

Files

7c5020981d37ca761fd8a74cd77f309a1ec0ac64fb72b9eada2ec05095b8d043
.exe windows x86

5429c2606a765557838dcc294ca1ece4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineW
ReadFile
GetModuleHandleA
InitializeCriticalSection
GetConsoleTitleW
WriteConsoleW
GetModuleFileNameA
GetFileSize
CreateDirectoryW
CancelIo
lstrlenW
GlobalFree
GetStartupInfoA
TlsGetValue
GetCalendarInfoA
VirtualProtectEx
EnterCriticalSection
CancelIo
CreateFileA
LeaveCriticalSection
GetTickCount
Sleep
CloseHandle
DeleteFileA
RemoveDirectoryA

user32

IsWindowVisible
CreateIcon
IsWindow
GetWindowLongA
PeekMessageA
GetSysColor
DispatchMessageA
GetWindowLongA
IsWindowEnabled
GetClassInfoA
wsprintfA
DestroyMenu
MessageBoxA

cryptdlg

CertTrustInit
CertTrustCleanup
CertTrustCertPolicy
CertConfigureTrustA

advapi32

RegCloseKey

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 800KB - Virtual size: 2.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy