a4245a8c3d44eccc9ef59af04d7cb9e189d0e9d5c220c8c5b95e78f0b1dbc059 | Triage

Submit
Reports

Overview

overview

8

Static

static

a4245a8c3d...59.exe

windows7-x64

8

a4245a8c3d...59.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

a4245a8c3d44eccc9ef59af04d7cb9e189d0e9d5c220c8c5b95e78f0b1dbc059.exe

Resource

win7-20220812-en

discovery persistence spyware stealer upx

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

a4245a8c3d44eccc9ef59af04d7cb9e189d0e9d5c220c8c5b95e78f0b1dbc059.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

a4245a8c3d44eccc9ef59af04d7cb9e189d0e9d5c220c8c5b95e78f0b1dbc059
Size

822KB
MD5

921732408741b95ea8c8b6ec211c6fa0
SHA1

96fb97fe1c3ce441132a00aa583afb489b9fcf57
SHA256

a4245a8c3d44eccc9ef59af04d7cb9e189d0e9d5c220c8c5b95e78f0b1dbc059
SHA512

f97a01e6f535270bce2951bd4524d754b2239a297e773c501dea2d16a6224b19aecad7a3f08b274de8e7e45f068308b0ed39eaef59f86c2895d661cd1ea13c5b
SSDEEP

12288:Qk0URTDs0wxj02q22Lpm7OWCzuO/W1eDc8oYVuGyFnfCL3XvxvGpU3kdY+:Qk0UJg0jZMOzzuO/W1e7uGpLPYIU

Score

N/A

Malware Config

Signatures

Files

a4245a8c3d44eccc9ef59af04d7cb9e189d0e9d5c220c8c5b95e78f0b1dbc059
.exe windows x86

7bca5a58b96c8fd16760adc8def52b48

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrlenA
CreateEventA
CreateMutexA
GetModuleHandleW
VirtualAlloc
FindVolumeClose
GetPrivateProfileIntW
GetACP
GlobalSize
GetExitCodeProcess
ResumeThread
GlobalFree
WriteFile
InterlockedExchange
ResetEvent
LocalFree
CloseHandle
GetEnvironmentVariableA
GetDriveTypeW
GetCommandLineA

user32

SetFocus
EndDialog
DrawStateW
GetCursorInfo
CreateWindowExA
CallWindowProcW
GetClientRect
GetClassInfoA
DispatchMessageA
GetSysColor
GetSysColor
IsWindow
GetKeyboardType

avicap32

videoThunk32
videoThunk32
AppCleanup
videoThunk32
videoThunk32

sysdm.cpl

NoExecuteAddFileOptOutList

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 812KB - Virtual size: 812KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy