a8c480a4c11c291050e557ab507ce0f9d28476a3352a8830ae01866147b882d4 | Triage

Submit
Reports

Overview

overview

8

Static

static

a8c480a4c1...d4.exe

windows7-x64

8

a8c480a4c1...d4.exe

windows10-2004-x64

3

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

a8c480a4c11c291050e557ab507ce0f9d28476a3352a8830ae01866147b882d4.exe

Resource

win7-20221111-en

discovery persistence spyware stealer upx

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

a8c480a4c11c291050e557ab507ce0f9d28476a3352a8830ae01866147b882d4.exe

Resource

win10v2004-20221111-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

a8c480a4c11c291050e557ab507ce0f9d28476a3352a8830ae01866147b882d4
Size

800KB
MD5

1d8c6f669b815f024e810c8e9935f522
SHA1

3abdc6ccd25f9c887bdcc4ca3e1a615a84e4d9cd
SHA256

a8c480a4c11c291050e557ab507ce0f9d28476a3352a8830ae01866147b882d4
SHA512

ef84fee91e2d404c784a082fe77590b32f961a7efc580b2be3a908047955469d451fa63710452b31eb25689c4e8bc16ff16a5518470c22df131301b43a2ce8d4
SSDEEP

24576:VVnpP7nBo7foyr+Q3LMQXx/aK9IMK9HIS9wM4sjLqK:HnLDYLM+M7zj+

Score

N/A

Malware Config

Signatures

Files

a8c480a4c11c291050e557ab507ce0f9d28476a3352a8830ae01866147b882d4
.exe windows x86

0a7337b39dc4e1ace562c86083d2d30f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetFileSize
CreatePipe
InitializeCriticalSection
SetFileTime
CreateMutexW
LoadLibraryA
ReadFile
GetExitCodeProcess
SetFileTime
lstrcpyA
FormatMessageW
GetLastError
FindResourceW
lstrcatA
HeapCreate
GetModuleHandleA
GetStartupInfoW
CloseHandle
IsBadWritePtr
LeaveCriticalSection
SetFileTime

mstscax

DllCanUnloadNow
DllRegisterServer
DllUnregisterServer
DllGetClassObject

user32

GetWindowRect
GetWindowLongW
LoadCursorW
IsWindow
PeekMessageW
PostMessageW
PostMessageA
IsDialogMessageA
SetFocus
DispatchMessageA
GetWindowTextA
MessageBoxA
wsprintfA

clbcatq

SetSetupSave

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 728KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rich
Size: 1KB - Virtual size: 193B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 786KB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ole
Size: 512B - Virtual size: 112B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2024

Terms | Privacy