ac1ed0647522913f9610a4e7b6d4876ebb66ac661a6c2b754e9ce61ff2a93789 | Triage

Submit
Reports

Overview

overview

Static

static

ac1ed06475...89.exe

windows7-x64

ac1ed06475...89.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

ac1ed0647522913f9610a4e7b6d4876ebb66ac661a6c2b754e9ce61ff2a93789.exe

Resource

win7-20220901-en

persistence spyware stealer upx

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

ac1ed0647522913f9610a4e7b6d4876ebb66ac661a6c2b754e9ce61ff2a93789.exe

Resource

win10v2004-20220901-en

persistence spyware stealer upx

windows10-2004-x64

4 signatures

150 seconds

General

Target

ac1ed0647522913f9610a4e7b6d4876ebb66ac661a6c2b754e9ce61ff2a93789
Size

173KB
MD5

c01cd5a51b69f9e4747ce64a355540d2
SHA1

ae5dbd04baec26934f070b4e0932cd7fb8f9265c
SHA256

ac1ed0647522913f9610a4e7b6d4876ebb66ac661a6c2b754e9ce61ff2a93789
SHA512

3732855f65d51748b881b2244ef1c70025fa828b19c9be03735b030abe486b0eeb1dcfdf29875948218ebeded567ca88bf2fb8c66a9c0ab22725784bf3201371
SSDEEP

3072:Iy+GIlVQDmaXh7j1ik/dLL4mLC2G1pt32SJscnvMUwqLZvI84IwpQVhDfw:IlB8D3j1isdDW2ysmvBwwZVR

Score

N/A

Malware Config

Signatures

Files

ac1ed0647522913f9610a4e7b6d4876ebb66ac661a6c2b754e9ce61ff2a93789
.exe windows x86

057ef71d2e2f7f33515d50ec02412204

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_AGGRESIVE_WS_TRIM
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

FreeEnvironmentStringsA
GlobalFindAtomA
SetStdHandle
FlushFileBuffers
UnhandledExceptionFilter
LCMapStringA
CreateFileA
GetEnvironmentStrings
WriteFile
LCMapStringW
WideCharToMultiByte
FreeEnvironmentStringsW
IsBadReadPtr
FindFirstFileA
GetEnvironmentStringsW
GetFileAttributesA
EnumResourceNamesA
GetOEMCP
GetDiskFreeSpaceA
SetUnhandledExceptionFilter
GetStringTypeA
GetCPInfo
VirtualProtect
SetFilePointer
GetFullPathNameA
GetStringTypeW
GetStringTypeW
IsBadCodePtr
ReadFile
GetThreadLocale
MulDiv

shlwapi

SHGetInverseCMAP
SHCreateStreamOnFileEx
PathIsFileSpecA
PathAppendA
PathIsContentTypeA
PathCreateFromUrlW

rpcrt4

RpcStringFreeA

Sections

.text
Size: 94KB - Virtual size: 485KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy