85a129b9440affadb7b3848283a8f38a136531ecd396c72a7e4782a000f9b8e2 | Triage

Submit
Reports

Overview

overview

8

Static

static

85a129b944...e2.exe

windows7-x64

8

85a129b944...e2.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

85a129b9440affadb7b3848283a8f38a136531ecd396c72a7e4782a000f9b8e2.exe

Resource

win7-20220812-en

spyware stealer upx

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

85a129b9440affadb7b3848283a8f38a136531ecd396c72a7e4782a000f9b8e2.exe

Resource

win10v2004-20221111-en

spyware stealer upx

windows10-2004-x64

3 signatures

150 seconds

General

Target

85a129b9440affadb7b3848283a8f38a136531ecd396c72a7e4782a000f9b8e2
Size

191KB
MD5

58b0bd4bf6683eb0d9e025c3dbe0a045
SHA1

c6b4a1a180c9afe5e38417be20ecdebf097ce2af
SHA256

85a129b9440affadb7b3848283a8f38a136531ecd396c72a7e4782a000f9b8e2
SHA512

db5c6e1b7ab32fcaac4e3901e595edd58d9d697b15f8218cb938ec17b11efe58cb9b486c54065ad705ca343d82a85edb727c667c8c9374f729ca41bc96398c47
SSDEEP

3072:jNA+G7+vlFKC9F7Y6hvb0IQLCRfR6uKKaxCcly7bWP32ZwPjyjlc8faukpug:ju+0+CwYcvb0dCRZ6uYsDWPLu1yxn

Score

N/A

Malware Config

Signatures

Files

85a129b9440affadb7b3848283a8f38a136531ecd396c72a7e4782a000f9b8e2
.exe windows x86

61ee03c9d7c7a55eae0c5611d4b0ffe1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetWindowTextA
wsprintfW
EnumWindows
IsWindowVisible
GetWindowThreadProcessId
wsprintfA

kernel32

HeapFree
GlobalAddAtomW
InterlockedExchange
SizeofResource
LoadLibraryW
FormatMessageA
MultiByteToWideChar
EnumResourceLanguagesA
LoadResource
FindFirstFileW
HeapAlloc
CloseHandle
GetProcAddress
EnumResourceNamesA
EnumResourceNamesA
GetModuleHandleA
FindFirstFileA
LocalFree
GetLastError
GetCommandLineA
FindResourceExA
EnumResourceTypesA
GetCurrencyFormatA
FindNextFileW
GlobalFree
GetCurrentDirectoryA
GetProcessHeap
RaiseException
LockResource
SetLastError
Sleep

setupapi

CM_Get_Depth
SetupDiGetDeviceRegistryPropertyA
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

Sections

.text
Size: 106KB - Virtual size: 241KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 81KB - Virtual size: 81KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy