b47752bc2e0ceb2abd74564eb9736a802a7f5203de87234f0a193cd8959435fb | Triage

Submit
Reports

Overview

overview

8

Static

static

b47752bc2e...fb.exe

windows7-x64

8

b47752bc2e...fb.exe

windows10-2004-x64

3

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

b47752bc2e0ceb2abd74564eb9736a802a7f5203de87234f0a193cd8959435fb.exe

Resource

win7-20221111-en

discovery persistence spyware stealer upx

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

b47752bc2e0ceb2abd74564eb9736a802a7f5203de87234f0a193cd8959435fb.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

b47752bc2e0ceb2abd74564eb9736a802a7f5203de87234f0a193cd8959435fb
Size

809KB
MD5

af0663a34bcb7dfb1a73061acc6ed792
SHA1

5d0244030f33896236bc8a3c3e5e397f6332a936
SHA256

b47752bc2e0ceb2abd74564eb9736a802a7f5203de87234f0a193cd8959435fb
SHA512

d818fd3a66a2f0164c9c9bb5efd2074af8b84b637f9a2bded9b9014be92bd988e672275e4a8dbd0b1ca99eb7cbd04a0818b74d7b91c5d301d92fae38b980e2a0
SSDEEP

24576:HM6NXECzKC0Pj0JLV5qGlO6Om4AWmOGk:/Xdd1NVBlOxbb8

Score

N/A

Malware Config

Signatures

Files

b47752bc2e0ceb2abd74564eb9736a802a7f5203de87234f0a193cd8959435fb
.exe windows x86

fa0ed98d085c77ad8bc5bc60336d22af

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalFree
CreateDirectoryA
EnterCriticalSection
VirtualProtect
CreateFileA
CreateDirectoryA
lstrlenW
RemoveDirectoryA
GetFileSize
DeleteFileA
Sleep
GetTickCount
GetEnvironmentStringsW
CancelIo
WriteConsoleW
ReadFile
GetCommandLineA
GetModuleHandleA
GetStartupInfoA
CancelIo
CloseHandle
GetConsoleTitleA
GetConsoleTitleA
TlsGetValue
GetModuleFileNameA

user32

wsprintfA
DestroyMenu
GetWindowLongA
GetSysColor
PeekMessageA
GetClassInfoA
CreateIcon
MessageBoxA
IsWindowEnabled
IsWindow
DispatchMessageA
IsWindowVisible
GetWindowLongA

console

CPlApplet
CPlApplet
CPlApplet
CPlApplet

advapi32

RegCloseKey

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 800KB - Virtual size: 2.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy