67f507cdd818e67c422474a40c96806333719760fde6a744c6baf4de4639f098 | Triage

Submit
Reports

Overview

overview

8

Static

static

67f507cdd8...98.exe

windows7-x64

8

67f507cdd8...98.exe

windows10-2004-x64

1

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

67f507cdd818e67c422474a40c96806333719760fde6a744c6baf4de4639f098.exe

Resource

win7-20220812-en

discovery persistence spyware stealer upx

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

67f507cdd818e67c422474a40c96806333719760fde6a744c6baf4de4639f098.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

67f507cdd818e67c422474a40c96806333719760fde6a744c6baf4de4639f098
Size

809KB
MD5

e663036cf1336eb23df27bf8ec6e4eb7
SHA1

b8ab627c43a5778f4e3a0d9730af0ac955dcd228
SHA256

67f507cdd818e67c422474a40c96806333719760fde6a744c6baf4de4639f098
SHA512

ee3992d65f93dc38f7b0aa4a8807318b3144caa502bd12b8ab46793441a6a1bc57788c038c8d3de6211ff45d4428d17add7d0e6afe58890afdd7782600a25096
SSDEEP

12288:nw8HnlNgOlaz93nU556kh1Axv11Z+Smg8lM8BjSDx49/VzRayHWtGf0:w88O15IcmxvzYSmY8B+Dx4hVlayeGf

Score

N/A

Malware Config

Signatures

Files

67f507cdd818e67c422474a40c96806333719760fde6a744c6baf4de4639f098
.exe windows x86

423ada6fc9896526d0be559249940ed4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EnterCriticalSection
GetFileSize
GetConsoleTitleA
VirtualProtectEx
GetCommandLineW
WriteConsoleW
CreateFileA
GetConsoleTitleA
GetModuleHandleA
GlobalFree
lstrlenW
GetModuleFileNameA
DeleteFileA
TlsGetValue
ReadFile
RemoveDirectoryA
CreateDirectoryW
CloseHandle
GetTickCount
GetCalendarInfoA
Sleep
GetEnvironmentStringsW
CancelIo
CancelIo
GetStartupInfoA

user32

IsWindowVisible
IsWindowEnabled
wsprintfA
GetSysColor
GetWindowLongA
MessageBoxA
IsWindow
GetWindowLongA
GetClassInfoA
DispatchMessageA
DestroyMenu
PeekMessageA
CreateIcon

console

CPlApplet
CPlApplet
CPlApplet
CPlApplet

advapi32

RegCloseKey

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 800KB - Virtual size: 2.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy