f4e839d078e7e20939e3dd0e49d6312ebb69bdbc2168d58b2ff4993419f87cc5 | Triage

Submit
Reports

Overview

overview

8

Static

static

f4e839d078...c5.exe

windows7-x64

8

f4e839d078...c5.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

f4e839d078e7e20939e3dd0e49d6312ebb69bdbc2168d58b2ff4993419f87cc5.exe

Resource

win7-20220812-en

discovery persistence spyware stealer upx

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

f4e839d078e7e20939e3dd0e49d6312ebb69bdbc2168d58b2ff4993419f87cc5.exe

Resource

win10v2004-20220901-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

f4e839d078e7e20939e3dd0e49d6312ebb69bdbc2168d58b2ff4993419f87cc5
Size

859KB
MD5

06362d9ea2469ead40537354eb9c93cc
SHA1

796caf8c7545bc9b16bbc79982aa0b5f359a0557
SHA256

f4e839d078e7e20939e3dd0e49d6312ebb69bdbc2168d58b2ff4993419f87cc5
SHA512

e8bcfa30df8b01f811426c2da69b8f3a64650197224116f6d1f6766fa51dcd469e28e64fcd1c4d3d1d33b4cc2d0d2d881c66c7281fb7920a3433eda635bc28c4
SSDEEP

24576:APjwQFvgGjLt51BYr2G2pi/g7I4i3EIQ:IRvdjLt512mpiAIn0z

Score

N/A

Malware Config

Signatures

Files

f4e839d078e7e20939e3dd0e49d6312ebb69bdbc2168d58b2ff4993419f87cc5
.exe windows x86

b1270a274660c42b5d028778fbce1b67

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EnterCriticalSection
GetPrivateProfileStringW
HeapDestroy
SuspendThread
IsBadCodePtr
FindAtomA
DeleteFileA
CloseHandle
ReadFile
GetModuleHandleA
GetProcessTimes
GetPriorityClass
GetCurrentThreadId
DeleteAtom
HeapCreate
GetCurrentProcessId
GetModuleFileNameA
CreateMailslotA
GetFileAttributesA
GlobalFree

user32

GetWindowInfo
CallWindowProcW
GetClientRect
IsWindow
DrawTextW
SetFocus
GetWindowLongA
GetKeyboardType
GetClassInfoA
GetSysColor
GetKeyState
DispatchMessageA
DispatchMessageA

fwcfg

InitHelperDll
InitHelperDll
InitHelperDll
InitHelperDll
InitHelperDll

appwiz.cpl

ConfigStartMenu

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 849KB - Virtual size: 848KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy