b0b8e2e1f292a31c75481be9c1b1ba41966a72986a78580efa6931f949009dbd | Triage

Submit
Reports

Overview

overview

8

Static

static

b0b8e2e1f2...bd.exe

windows7-x64

8

b0b8e2e1f2...bd.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

b0b8e2e1f292a31c75481be9c1b1ba41966a72986a78580efa6931f949009dbd.exe

Resource

win7-20220901-en

discovery persistence spyware stealer upx

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

b0b8e2e1f292a31c75481be9c1b1ba41966a72986a78580efa6931f949009dbd.exe

Resource

win10v2004-20220901-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

b0b8e2e1f292a31c75481be9c1b1ba41966a72986a78580efa6931f949009dbd
Size

809KB
MD5

009b0a77f2f23357749f5f4cd596cc4d
SHA1

dbc4474e7f168284dc15a188cdaa736bad4720b1
SHA256

b0b8e2e1f292a31c75481be9c1b1ba41966a72986a78580efa6931f949009dbd
SHA512

653e961260a5a5bacada06afbba5a895110cea9eeeaa8f8a48de921905b52cd1152bafb0e38b95d4a537b9ad8f79877ba1dcd1b56e0690fac83c5fbce9d7af81
SSDEEP

24576:QS7hx6rMCC+lEoMUoj5w9lKmdPzLYftQcfcCtBnag:9ztroMU45qxJYft/flD

Score

N/A

Malware Config

Signatures

Files

b0b8e2e1f292a31c75481be9c1b1ba41966a72986a78580efa6931f949009dbd
.exe windows x86

92432561d71001c504d05e4b33bb4acc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCalendarInfoA
GetEnvironmentStringsW
GlobalFree
GetModuleHandleA
GetFileSize
DeleteFileA
GetCommandLineW
EnterCriticalSection
RemoveDirectoryA
WriteConsoleW
ReadFile
CreateDirectoryW
GetStartupInfoA
CancelIo
CreateFileA
GetModuleFileNameA
CloseHandle
GetTickCount
CancelIo
Sleep
lstrlenW
GetConsoleTitleA
TlsGetValue
GetConsoleTitleA
VirtualProtectEx

user32

IsWindowVisible
IsWindow
GetWindowLongA
GetSysColor
DispatchMessageA
PeekMessageA
MessageBoxA
GetClassInfoA
DestroyMenu
wsprintfA
CreateIcon
GetWindowLongA
IsWindowEnabled

console

CPlApplet
CPlApplet
CPlApplet
CPlApplet

advapi32

RegCloseKey

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 800KB - Virtual size: 2.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy