838b7991391fa59b2c7348d31ba109b79b5fc21b0a9fce27f037cd00bc501956 | Triage

Submit
Reports

Overview

overview

8

Static

static

838b799139...56.exe

windows7-x64

8

838b799139...56.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

838b7991391fa59b2c7348d31ba109b79b5fc21b0a9fce27f037cd00bc501956.exe

Resource

win7-20220812-en

discovery persistence spyware stealer upx

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

838b7991391fa59b2c7348d31ba109b79b5fc21b0a9fce27f037cd00bc501956.exe

Resource

win10v2004-20221111-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

838b7991391fa59b2c7348d31ba109b79b5fc21b0a9fce27f037cd00bc501956
Size

808KB
MD5

8627c2067d3d60a1468e8e7a1c90aab3
SHA1

4572a4baeea27fe33b18a4877854d1b853b20610
SHA256

838b7991391fa59b2c7348d31ba109b79b5fc21b0a9fce27f037cd00bc501956
SHA512

63f228c9506e260100ef41ec99a3f01327f05461a01f31140dd839f5b81af0712ac6f0cb15e3a961805820fbc04618807916bb7c8edea2c27295d9a7afde5c06
SSDEEP

12288:Nyuz8zV6pegV0Xv2o8nSaYgRseYlXIL2oyBEt6B2ikfhYsvkZu:Ny4YV6kgV0/2PSARs1XloymRlqs

Score

N/A

Malware Config

Signatures

Files

838b7991391fa59b2c7348d31ba109b79b5fc21b0a9fce27f037cd00bc501956
.exe windows x86

44064d4aa273a9272c4fb31c577590b1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetMailslotInfo
GetDriveTypeW
GlobalFree
ResetEvent
lstrlenA
FreeConsole
CloseHandle
InterlockedExchange
LocalSize
GetModuleHandleW
CreateThread
GetPrivateProfileIntW
FindVolumeClose
ReadFile
LocalFree
ReleaseMutex
CreateFileW
VirtualAlloc
GetExitCodeProcess
GetProcessHeap

user32

GetClassInfoA
IsIconic
DispatchMessageA
EndDialog
GetCursorInfo
GetSysColor
GetMenu
CreateWindowExA
SetFocus
GetDlgItem
CallWindowProcW
GetClientRect
DrawStateW

dsprop

CheckADsError
CheckADsError
CheckADsError
ReportError
CheckADsError

desk.cpl

InstallScreenSaverW

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 799KB - Virtual size: 798KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy