d44cfa6b691054cc55d3893b25a3b5f4c480762867628f85a31dd775ebeb5176 | Triage

Submit
Reports

Overview

overview

8

Static

static

d44cfa6b69...76.exe

windows7-x64

8

d44cfa6b69...76.exe

windows10-2004-x64

3

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

d44cfa6b691054cc55d3893b25a3b5f4c480762867628f85a31dd775ebeb5176.exe

Resource

win7-20220901-en

discovery persistence spyware stealer upx

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

d44cfa6b691054cc55d3893b25a3b5f4c480762867628f85a31dd775ebeb5176.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

d44cfa6b691054cc55d3893b25a3b5f4c480762867628f85a31dd775ebeb5176
Size

866KB
MD5

637424de0c18cc1cb1cea0bf33b95d65
SHA1

88cbf8e763b47e169896be6d05f29d7d790a4e5f
SHA256

d44cfa6b691054cc55d3893b25a3b5f4c480762867628f85a31dd775ebeb5176
SHA512

72abb47057b534f2cb9b7e257c9e16e8446dcd8e6b11cf0f9bd8c11f7c5e9dde314f5c165304cc4d6afba0ecf984e3bf11684aca90a87a1215ec4b8e3fc5b193
SSDEEP

24576:Fm4DN3U0v75+6NBzlBx2cE5KkyWUVCIN:k4Xv75+mBzlB4wNVCg

Score

N/A

Malware Config

Signatures

Files

d44cfa6b691054cc55d3893b25a3b5f4c480762867628f85a31dd775ebeb5176
.exe windows x86

131f5f092becbd23984a4ca899845a94

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SuspendThread
HeapCreate
FindClose
LocalFree
SetEvent
ReadFile
GlobalFree
CreateMailslotA
GetConsoleAliasW
GetModuleFileNameA
EnumCalendarInfoW
EnterCriticalSection
GetCurrentThreadId
GetPrivateProfileStringW
GetModuleHandleA
FindAtomW
GetFileAttributesA
GetDriveTypeW
SetLastError
GetCurrentProcessId

user32

GetMenuInfo
GetCursorInfo
GetSysColor
DispatchMessageA
GetClassInfoA
CallWindowProcW
DrawTextW
GetKeyboardType
SetFocus
IsWindow
GetKeyState
DispatchMessageA
GetClientRect

cliconfg

OnInitDialogMain
OnInitDialogMain
OnInitDialogMain
OnInitDialogMain
OnInitDialogMain

desk.cpl

DeskSetCurrentScheme

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1KB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 856KB - Virtual size: 856KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy