b20b5289eb4a8ac29c421947986b71d42632a269bdb4f091bfc6a71da192afa2 | Triage

Submit
Reports

Overview

overview

8

Static

static

b20b5289eb...a2.exe

windows7-x64

8

b20b5289eb...a2.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

b20b5289eb4a8ac29c421947986b71d42632a269bdb4f091bfc6a71da192afa2.exe

Resource

win7-20220901-en

persistence spyware stealer upx

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

b20b5289eb4a8ac29c421947986b71d42632a269bdb4f091bfc6a71da192afa2.exe

Resource

win10v2004-20221111-en

persistence spyware stealer upx

windows10-2004-x64

9 signatures

150 seconds

General

Target

b20b5289eb4a8ac29c421947986b71d42632a269bdb4f091bfc6a71da192afa2
Size

119KB
MD5

22fbe5eef7fc639fa959ef6b2ff813ed
SHA1

044f5fc8d30dab1791fdee6d1d7d51479cf195aa
SHA256

b20b5289eb4a8ac29c421947986b71d42632a269bdb4f091bfc6a71da192afa2
SHA512

5c718e06dfcc6deb3bd5b89f7ea52b4c161b4a5bd1fae759479f9920706acb1ea57c3db972a8862863d38b2360f3fc0450b061ff3dcaef3a8de6830e9fa0f98a
SSDEEP

3072:5LJpxMt+NRFwyBx0k72f+0zjCgrWp+kpQRO9z+Uu3KOt:5LzxMARFwi0f+0zmTVpQQY/

Score

N/A

Malware Config

Signatures

Files

b20b5289eb4a8ac29c421947986b71d42632a269bdb4f091bfc6a71da192afa2
.exe windows x86

f7715b843475769bee6d2773e2b3ee12

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

TextOutW
SetViewportExtEx
EndDoc
BeginPath
GetTextExtentExPointW

kernel32

SetThreadAffinityMask
SetHandleInformation
lstrcatW
FindFirstFileW
_lcreat
SetLocalTime
GetCurrentProcess
TerminateProcess
LockFile
GetCommModemStatus
lstrcpyW

ntdll

atoi

user32

OpenInputDesktop
PostQuitMessage
DestroyIcon
CharUpperA
LoadAcceleratorsA
GetClientRect
IsIconic
EnumThreadWindows
SetCaretPos
SendDlgItemMessageA
InsertMenuA
GetKeyboardLayout

shlwapi

PathFindFileNameW
StrStrIW
StrToIntW

Exports

Exports

?UpdateProcThreadAttribute@@YGXKPAD@Z

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 114KB - Virtual size: 446KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy