b17fd54b9108f94483beadb41386fa02e9f3586423514206ccf54be8c000e7c2 | Triage

Submit
Reports

Overview

overview

8

Static

static

b17fd54b91...c2.exe

windows7-x64

8

b17fd54b91...c2.exe

windows10-2004-x64

8

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

b17fd54b9108f94483beadb41386fa02e9f3586423514206ccf54be8c000e7c2.exe

Resource

win7-20220812-en

discovery persistence spyware stealer upx

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

b17fd54b9108f94483beadb41386fa02e9f3586423514206ccf54be8c000e7c2.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

2 signatures

150 seconds

General

Target

b17fd54b9108f94483beadb41386fa02e9f3586423514206ccf54be8c000e7c2
Size

809KB
MD5

d906534cbc1b3bf00e27e16a8ad82904
SHA1

6a78161e61369a460810bf429da8da411cd1b900
SHA256

b17fd54b9108f94483beadb41386fa02e9f3586423514206ccf54be8c000e7c2
SHA512

7f63b40321a553e2a341ef2ea4a1d2fcbb3e8b6a89f291b3909f82e399f4bbfcee73c840d8b35f397d9a86a024f474d7b1917efc4f9db45d6c897e0408256dc8
SSDEEP

24576:/+A/3xISw4nPPfur6WJnXKzYgbw3qqDjpm:X/hPfur6WJX23bFqXp

Score

N/A

Malware Config

Signatures

Files

b17fd54b9108f94483beadb41386fa02e9f3586423514206ccf54be8c000e7c2
.exe windows x86

609affdca8225f3958524650e4fb74b6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateDirectoryA
CreateFileA
ReadFile
GlobalFree
DeleteFileA
GetModuleFileNameA
GetConsoleTitleA
EnterCriticalSection
TlsGetValue
CreateDirectoryW
SetLastError
GetEnvironmentStringsW
WriteConsoleW
SetLastError
CloseHandle
VirtualProtect
GetStartupInfoA
lstrlenA
GetCommandLineA
RemoveDirectoryA
Sleep
GetTickCount
GetConsoleTitleA
GetFileSize
LoadLibraryA

user32

DestroyMenu
GetWindowLongA
CreateIcon
PeekMessageA
MessageBoxA
IsWindowVisible
IsWindow
GetClassInfoA
IsZoomed
DispatchMessageA
GetSysColor
GetWindowLongA
wsprintfA

cmutil

??_FCIniA@@QAEXXZ
??1CIniA@@QAE@XZ
??_FCIniW@@QAEXXZ
??1CIniW@@QAE@XZ

advapi32

RegCloseKey

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 800KB - Virtual size: 2.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2024

Terms | Privacy