f031c54e6120dc8f1773be700289c452339175d8f1eb7f1ee99564ba72471f16 | Triage

Submit
Reports

Overview

overview

8

Static

static

f031c54e61...16.exe

windows7-x64

8

f031c54e61...16.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

f031c54e6120dc8f1773be700289c452339175d8f1eb7f1ee99564ba72471f16.exe

Resource

win7-20220812-en

discovery persistence spyware stealer upx

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

f031c54e6120dc8f1773be700289c452339175d8f1eb7f1ee99564ba72471f16.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

f031c54e6120dc8f1773be700289c452339175d8f1eb7f1ee99564ba72471f16
Size

810KB
MD5

959ba9ecc18570bbc9ab86f1ec1409da
SHA1

981fb51838515d1d4864d4dcc186689d5b978e8c
SHA256

f031c54e6120dc8f1773be700289c452339175d8f1eb7f1ee99564ba72471f16
SHA512

6bcc07914d479dd955f649481e34935d8f4c4c32738cfaccd9d7baafd7cfa75a23700c9afa7dffefe4a2e298c7c7e654d3396c2373ad7abea38fe0a7c9081f99
SSDEEP

24576:RgQUI5eterz5tL47q7gNDjBjmySTrEav8g0v6wz:RZz/47q7mjBjxSXES8Ji2

Score

N/A

Malware Config

Signatures

Files

f031c54e6120dc8f1773be700289c452339175d8f1eb7f1ee99564ba72471f16
.exe windows x86

84932f0e81b0cf0106d7a05cf49dfdee

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

InterlockedExchange
HeapSize
CloseHandle
HeapCreate
lstrcpyW
GetStartupInfoW
ReadFile
SetFileTime
LoadLibraryA
GetModuleHandleA
SetConsoleTitleA
SetFileTime
GetStringTypeA
GetFileSize
CreateEventA
LeaveCriticalSection
IsBadWritePtr
GetLastError
GetExitCodeProcess
lstrcatA
SetFileTime

mstscax

DllGetClassObject
DllUnregisterServer
DllCanUnloadNow
DllRegisterServer

shell32

DragFinish
DuplicateIcon
StrChrA
SHGetMalloc
DllUnregisterServer
DragAcceptFiles
ShellMessageBoxW
ExtractIconA
DragQueryFileA
SHGetSettings
SHGetDiskFreeSpaceA
ShellAboutA
SHFree

rasapi32

DwRasUninitialize

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 288B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rich
Size: 1KB - Virtual size: 176B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ole
Size: 512B - Virtual size: 101B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 798KB - Virtual size: 798KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy