9dbce265d689c0abec51422b77c636aa9e6cbf61322a630f1a923aef2afaaf03 | Triage

Submit
Reports

Overview

overview

8

Static

static

9dbce265d6...03.exe

windows7-x64

8

9dbce265d6...03.exe

windows10-2004-x64

3

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

9dbce265d689c0abec51422b77c636aa9e6cbf61322a630f1a923aef2afaaf03.exe

Resource

win7-20220812-en

discovery persistence spyware stealer upx

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

9dbce265d689c0abec51422b77c636aa9e6cbf61322a630f1a923aef2afaaf03.exe

Resource

win10v2004-20220901-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

9dbce265d689c0abec51422b77c636aa9e6cbf61322a630f1a923aef2afaaf03
Size

823KB
MD5

a2e7ccaf92077f26acb49c6b9d89ada5
SHA1

44f8368ed5c1f304f70873df7b0d101402e763ad
SHA256

9dbce265d689c0abec51422b77c636aa9e6cbf61322a630f1a923aef2afaaf03
SHA512

f438fab5eeb600592e148051b99b1f604d1672149648c44ccaf25ba5054bfb68d54de2c0fcda1737735d7921de6b32ecfc67ef502b1b4250b5c942414abcad81
SSDEEP

24576:CFwIy/19IzQ1gU/od8zIuaB51ePZnSlc0HLKUoJVuO:lIyjI02ieZuaBfUYlc0HLla

Score

N/A

Malware Config

Signatures

Files

9dbce265d689c0abec51422b77c636aa9e6cbf61322a630f1a923aef2afaaf03
.exe windows x86

ce4fdd3e860fcd9e96d7d9b8ad4229f8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ResetEvent
GetStdHandle
LocalSize
CreateMutexA
lstrlenA
GetEnvironmentVariableW
ReleaseMutex
InterlockedExchange
GetACP
GetModuleHandleW
CreateEventA
GetCommandLineA
CloseHandle
HeapCreate
GetPrivateProfileIntW
GlobalFree
GetExitCodeProcess
WriteFile
LocalFree
SuspendThread

advapi32

ClearEventLogW
CloseEventLog
ControlService
IsTextUnicode
CreateServiceA
RegDeleteValueA
RegEnumKeyW
RegDeleteKeyA
RegCloseKey
RegQueryValueW
IsValidSecurityDescriptor
RegCreateKeyExW
IsValidSid

devenum

DllCanUnloadNow
DllCanUnloadNow
DllCanUnloadNow
DllCanUnloadNow
DllCanUnloadNow

hdwwiz.cpl

InstallNewDevice

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 813KB - Virtual size: 812KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy