986f06f6b81e47428fcda113ee318187957df86878659b57f2fa7585c40840e4 | Triage

Submit
Reports

Overview

overview

Static

static

986f06f6b8...e4.exe

windows7-x64

986f06f6b8...e4.exe

windows10-2004-x64

3

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

986f06f6b81e47428fcda113ee318187957df86878659b57f2fa7585c40840e4.exe

Resource

win7-20220812-en

persistence spyware stealer upx

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

986f06f6b81e47428fcda113ee318187957df86878659b57f2fa7585c40840e4.exe

Resource

win10v2004-20221111-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

986f06f6b81e47428fcda113ee318187957df86878659b57f2fa7585c40840e4
Size

181KB
MD5

a4dc4d493ed0128d97ab8125670e5cb1
SHA1

57d4922f7335b512efed8a57f6d29e1ea537a342
SHA256

986f06f6b81e47428fcda113ee318187957df86878659b57f2fa7585c40840e4
SHA512

99ec508f952ca5755254de1986f7958199952483da6c3ce17f3dd4cad4c62eccd70b9539958352d77b8f01dacadbbc16f1432ae69df38a4d2d9bfd9b1330eb44
SSDEEP

3072:+48dr5pFw00DBlF6bm4Z2QtV8q/9RZMmuH+SvXWnZn6ZOevIA7dB8z:Dor5k00Dx664Z2uVZ/9RZMHHXvXWJ6rZ

Score

N/A

Malware Config

Signatures

Files

986f06f6b81e47428fcda113ee318187957df86878659b57f2fa7585c40840e4
.exe windows x86

99d8251c916a94e6bfdf2c8d636c0280

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

oleacc

LresultFromObject
CreateStdAccessibleObject

advapi32

RegOpenKeyExA
RegQueryValueExA
RegDeleteKeyA
RegCreateKeyExA
RegCloseKey
RegOpenKeyA
RegEnumKeyExA
RegSetValueExA

shell32

SHGetPathFromIDListA
SHGetMalloc
SHGetSpecialFolderLocation

kernel32

GetLocaleInfoA
lstrlenW
VirtualQueryEx
CreateProcessA
GetEnvironmentVariableA
GetACP
GetCurrentProcessId
MultiByteToWideChar
GetModuleHandleA
SetUnhandledExceptionFilter
GetTickCount
GetStartupInfoA
EnumResourceNamesW
ExitProcess
LocalAlloc
QueryPerformanceCounter
InterlockedCompareExchange
GetCPInfoExW
UnhandledExceptionFilter
InterlockedExchange
Sleep
lstrlenA
IsDebuggerPresent
WideCharToMultiByte
GetCurrentThreadId
RaiseException
GetCurrentProcess
GetSystemTimeAsFileTime
GetThreadLocale

ole32

StringFromIID
CoTaskMemFree
ProgIDFromCLSID
StringFromCLSID

Sections

.text
Size: 107KB - Virtual size: 106KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tls
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 70KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 260KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy