bfbeab9fa4bcf3165e302180ca636cec1dcdebc458ab07bb08ec4a4bda6026e4 | Triage

Submit
Reports

Overview

overview

8

Static

static

bfbeab9fa4...e4.exe

windows7-x64

8

bfbeab9fa4...e4.exe

windows10-2004-x64

3

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

bfbeab9fa4bcf3165e302180ca636cec1dcdebc458ab07bb08ec4a4bda6026e4.exe

Resource

win7-20220812-en

persistence spyware stealer upx

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

bfbeab9fa4bcf3165e302180ca636cec1dcdebc458ab07bb08ec4a4bda6026e4.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

bfbeab9fa4bcf3165e302180ca636cec1dcdebc458ab07bb08ec4a4bda6026e4
Size

166KB
MD5

0fe723bcaf904778d078ac93c0929957
SHA1

1c0edcab4093b98eae04fada18bcb2afd1159bb3
SHA256

bfbeab9fa4bcf3165e302180ca636cec1dcdebc458ab07bb08ec4a4bda6026e4
SHA512

0e2c95dc2d273dec23aa5a5d0b528b71ef536b6c7b6e3feb2b4d7931a85269a0a54e49060860d9147a57e20ac2e592252a9a359f741b54c8eaa0483e6c21e6bf
SSDEEP

3072:NKv0qrbcezlnFcv5VgT4+YPTSHXY/bufobOAKQTKxDJnHI/K/:NW0EjmGlYPTSHXerbbKFx

Score

N/A

Malware Config

Signatures

Files

bfbeab9fa4bcf3165e302180ca636cec1dcdebc458ab07bb08ec4a4bda6026e4
.exe windows x86

6a469e33f859803fb293813623d0997b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msimg32

AlphaBlend
TransparentBlt

kernel32

HeapSize
GetCPInfoExA
GetEnvironmentStringsW
SetHandleCount
GetCPInfo
GetOEMCP
InterlockedIncrement
TlsSetValue
MultiByteToWideChar
GetLastError
UnhandledExceptionFilter
WideCharToMultiByte
GetACP
InterlockedExchange
FreeEnvironmentStringsA
GetStdHandle
GetVersionExA
GetThreadLocale
EnumResourceTypesA
WriteFile
RaiseException
FreeEnvironmentStringsW
GetStartupInfoA
GetTickCount
GetEnvironmentStrings
LoadLibraryW
GetFileType
LeaveCriticalSection
EnterCriticalSection
TlsGetValue
InitializeCriticalSection
DeleteCriticalSection
GetLocaleInfoA
lstrlenW
QueryPerformanceCounter
GetCurrentProcessId

gdi32

DeleteObject
GetTextExtentPointA
SelectObject
GetTextMetricsA
GetDeviceCaps
CreateFontIndirectA

ole32

CoGetMalloc
CoTaskMemAlloc
CoCreateInstance
CoTaskMemFree
StringFromGUID2
CoTaskMemRealloc

Sections

.text
Size: 96KB - Virtual size: 95KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tls
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 67KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy