e8876c39b02320052d503ac58e25c933a698c80fbbfc096527e9b9bfee78f0e8 | Triage

Submit
Reports

Overview

overview

8

Static

static

e8876c39b0...e8.exe

windows7-x64

8

e8876c39b0...e8.exe

windows10-2004-x64

8

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

e8876c39b02320052d503ac58e25c933a698c80fbbfc096527e9b9bfee78f0e8.exe

Resource

win7-20221111-en

discovery persistence spyware stealer upx

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

e8876c39b02320052d503ac58e25c933a698c80fbbfc096527e9b9bfee78f0e8.exe

Resource

win10v2004-20220901-en

windows10-2004-x64

2 signatures

150 seconds

General

Target

e8876c39b02320052d503ac58e25c933a698c80fbbfc096527e9b9bfee78f0e8
Size

806KB
MD5

2ea5c7b10e35a3c0a933fab33cd3680e
SHA1

05a632f43490ee2f4616f79556d7258b5d4610fa
SHA256

e8876c39b02320052d503ac58e25c933a698c80fbbfc096527e9b9bfee78f0e8
SHA512

631a25d819f4d683afcaf3236397165f917f216436742a399c3577674a0bb32ed000729bfbad0f7dcc04ebce12f7199e7540fb14a09b9294b813d5c0862508e4
SSDEEP

24576:6PDj3jwfa5lRn5rzuSya7SZREAA7Byvpol7uPn:y33jwmlRhb7SZbPpFn

Score

N/A

Malware Config

Signatures

Files

e8876c39b02320052d503ac58e25c933a698c80fbbfc096527e9b9bfee78f0e8
.exe windows x86

e3408457830b92e4f150877da003250d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeleteFileA
lstrcpyW
GetLocaleInfoA
lstrcpyW
IsValidLocale
GetMailslotInfo
SetLastError
GetModuleHandleA
GetModuleFileNameA
GetCommState
GetProcessHeap
lstrcpyW
lstrcpyW
SetCurrentDirectoryA
VirtualAllocEx
GetStartupInfoW
GetStdHandle
GetVolumePathNameW
lstrlenW
FileTimeToLocalFileTime
lstrcpyW
CreateEventA
SetConsoleTitleA

termmgr

DllGetClassObject
DllRegisterServer
DllCanUnloadNow
DllUnregisterServer

Sections

.text
Size: 3KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: 800KB - Virtual size: 2.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.Pdata
Size: 512B - Virtual size: 284B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy