651391252a553801fdc39e1cbb8f137c14d1e2adbfd6f68d23f6b3d6eb27a5ba | Triage

Submit
Reports

Overview

overview

8

Static

static

651391252a...ba.exe

windows7-x64

8

651391252a...ba.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

651391252a553801fdc39e1cbb8f137c14d1e2adbfd6f68d23f6b3d6eb27a5ba.exe

Resource

win7-20221111-en

discovery persistence spyware stealer upx

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

651391252a553801fdc39e1cbb8f137c14d1e2adbfd6f68d23f6b3d6eb27a5ba.exe

Resource

win10v2004-20221111-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

651391252a553801fdc39e1cbb8f137c14d1e2adbfd6f68d23f6b3d6eb27a5ba
Size

777KB
MD5

1a4ebc8b1003910ab1b8a2572ff32dd0
SHA1

8f8d7599f77b2a7310f45d4bead5504d13f6bc75
SHA256

651391252a553801fdc39e1cbb8f137c14d1e2adbfd6f68d23f6b3d6eb27a5ba
SHA512

9aa0709f6a952b26457fe5f2c417f03d1d5c3dae628c0f35587066c283397f30b41a4d6f8acc2b710213e3b4a48462e64baf312ae5bbf5b150fc2adc96e84194
SSDEEP

24576:jFHA/O63gWYBmC/6JdW+Er29Rxkds4HIaa:jt0tC/ufo29RxkdfHIT

Score

N/A

Malware Config

Signatures

Files

651391252a553801fdc39e1cbb8f137c14d1e2adbfd6f68d23f6b3d6eb27a5ba
.exe windows x86

50f8a0e9a2975c7a3eaf069546a28fc8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TlsGetValue
CloseHandle
CreateProcessA
CreateFileW
GetCommandLineA
Sleep
GetModuleHandleA
FindResourceW
lstrlenA
GetCurrentThreadId
HeapCreate
lstrcpyA
GetComputerNameA
PulseEvent
GlobalUnlock
GlobalFree
UnmapViewOfFile
LoadLibraryExW
SetLastError
GetEnvironmentVariableA

user32

GetDC
CreateIcon
CallWindowProcA
DrawMenuBar
CreateWindowExA
DispatchMessageA
FillRect
DrawEdge
CheckRadioButton
IsWindow
GetCaretPos
SetFocus
GetDlgItem

rsaenh

CPDecrypt
CPDeriveKey
CPHashData
CPGenKey
CPSignHash

msasn1

ASN1BERDecEoid

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1KB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 768KB - Virtual size: 796KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

wtlfodb
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy