f906029c6dc9fd433ed330d6f9b8ecdc32a9164c037fb837e4870918833fb5a1 | Triage

Submit
Reports

Overview

overview

8

Static

static

f906029c6d...a1.exe

windows7-x64

8

f906029c6d...a1.exe

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

f906029c6dc9fd433ed330d6f9b8ecdc32a9164c037fb837e4870918833fb5a1.exe

Resource

win7-20220812-en

discovery persistence spyware stealer upx

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

f906029c6dc9fd433ed330d6f9b8ecdc32a9164c037fb837e4870918833fb5a1.exe

Resource

win10v2004-20221111-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

f906029c6dc9fd433ed330d6f9b8ecdc32a9164c037fb837e4870918833fb5a1
Size

800KB
MD5

f04a8446029f874dc206f18de679ec53
SHA1

7fd42266cf0a844168d81946c0f431ef1d27f92a
SHA256

f906029c6dc9fd433ed330d6f9b8ecdc32a9164c037fb837e4870918833fb5a1
SHA512

eb8066226651ff14e7bb578b714c57b4ddf8392595f6a1ffe5d083d9a18ac04c6d2210ed7d4ce00f00685fc7c5ffea7b89b0acc47dd2d7ccd0fd83c1b7882521
SSDEEP

24576:zp+kiFZdJzimpnAz5PMDzkpESn3OSpcB3+B3+1xF:N6dJAugESl6BOUx

Score

N/A

Malware Config

Signatures

Files

f906029c6dc9fd433ed330d6f9b8ecdc32a9164c037fb837e4870918833fb5a1
.exe windows x86

42a07fada1f1477f82cddc42886e3621

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetDriveTypeA
CreateEventW
DeleteFileA
GetStringTypeW
HeapFree
CreateMutexW
ClearCommBreak
GetCurrentThread
GetPrivateProfileIntW
lstrlenA
GetFileAttributesW
HeapDestroy
LoadLibraryW
GetPrivateProfileSectionA
GetProcessHeap
TlsGetValue
ResumeThread
DeviceIoControl
SetLastError
VirtualProtectEx
DeviceIoControl

clbcatq

SetSetupSave
SetupOpen
ComPlusMigrate
DllGetClassObject
ComPlusMigrate
DllGetClassObject
SetupOpen
CheckMemoryGates
CheckMemoryGates
ComPlusMigrate
CheckMemoryGates
SetupOpen
SetSetupSave

pdh

PdhGetLogFileSize
PdhAddCounterA
PdhCloseLog
PdhGetLogFileTypeA

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 1.4MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 794KB - Virtual size: 794KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.orpc
Size: 512B - Virtual size: 288B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy