b7eb25a6d194c185c1c7bb1bfebd41978f751dc5dd5b73dddacae125981c8b1f | Triage

Submit
Reports

Overview

overview

8

Static

static

b7eb25a6d1...1f.exe

windows7-x64

8

b7eb25a6d1...1f.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

b7eb25a6d194c185c1c7bb1bfebd41978f751dc5dd5b73dddacae125981c8b1f.exe

Resource

win7-20220812-en

discovery persistence spyware stealer upx

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

b7eb25a6d194c185c1c7bb1bfebd41978f751dc5dd5b73dddacae125981c8b1f.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

b7eb25a6d194c185c1c7bb1bfebd41978f751dc5dd5b73dddacae125981c8b1f
Size

856KB
MD5

935a9a3f1be0c69cbd3d091897bc8024
SHA1

f6fe5496d28815bde55c6020d626a4e78b9feb71
SHA256

b7eb25a6d194c185c1c7bb1bfebd41978f751dc5dd5b73dddacae125981c8b1f
SHA512

d42cc8699aa4d32e36bc64bfa4b1f1936534a7764d24b1ad8a50e97e5485ac2ebbb4511273a81c94052c1e0f59772a7993595c33e302f3f6476fd3536c4b473f
SSDEEP

24576:ME9MGI2ZHctoU6nglZxTKPLGm3/+6CG6FE:DeGFaoZgEPLj26EF

Score

N/A

Malware Config

Signatures

Files

b7eb25a6d194c185c1c7bb1bfebd41978f751dc5dd5b73dddacae125981c8b1f
.exe windows x86

4bc581fd0d7b9a9912f6e8339cb0af15

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeleteAtom
GetCurrentProcessId
GetEnvironmentVariableA
SuspendThread
FindAtomA
GetFileAttributesA
GetModuleFileNameA
DeleteFileA
ReadFile
GetProcessTimes
CreateMailslotA
GetStartupInfoA
GetModuleHandleA
GetStdHandle
IsBadCodePtr
HeapCreate
GetCommandLineA
CloseHandle
HeapDestroy
GetPriorityClass

user32

DestroyMenu
DispatchMessageA
GetClientRect
DrawTextW
CallWindowProcW
IsWindow
SetFocus
GetSysColor
GetClassInfoA
GetWindowInfo
GetKeyState
GetWindowLongA
DispatchMessageA
DestroyMenu

msctfp

DllCanUnloadNow
DllCanUnloadNow
DllCanUnloadNow
DllCanUnloadNow
DllCanUnloadNow

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 846KB - Virtual size: 845KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy