946da8f294cdb672440550d7664417c5b4d7c74541fb125dc23013e683a8058b | Triage

Submit
Reports

Overview

overview

8

Static

static

946da8f294...8b.exe

windows7-x64

8

946da8f294...8b.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

946da8f294cdb672440550d7664417c5b4d7c74541fb125dc23013e683a8058b.exe

Resource

win7-20221111-en

spyware stealer upx

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

946da8f294cdb672440550d7664417c5b4d7c74541fb125dc23013e683a8058b.exe

Resource

win10v2004-20221111-en

spyware stealer upx

windows10-2004-x64

3 signatures

150 seconds

General

Target

946da8f294cdb672440550d7664417c5b4d7c74541fb125dc23013e683a8058b
Size

190KB
MD5

dbc4f24f54ae396f5d8164b3553e4ed6
SHA1

8074093878bb7b82fae21c8c743b4e2aed2d2945
SHA256

946da8f294cdb672440550d7664417c5b4d7c74541fb125dc23013e683a8058b
SHA512

6a12b9985078049da806007666a0cce370974d14c53a0c4eb50956d44928f1bdeb9a3a22f59ecb7b9afbb699dabc71adaf423d2c97e629c7048e4e2b0b3db3f3
SSDEEP

3072:utiYWdjv/O1WTDo8Di9zIu39Ivq9/lrnOQFOMgF+SjUFIj:oodjvm4Tk8mwvQlCQSXUi

Score

N/A

Malware Config

Signatures

Files

946da8f294cdb672440550d7664417c5b4d7c74541fb125dc23013e683a8058b
.exe windows x86

30933007b2ed6692c3d468df860e8e9b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetWindowThreadProcessId
GetWindowTextA
wsprintfW
EnumWindows
IsWindowVisible
wsprintfA

kernel32

LockResource
GlobalAddAtomW
FindFirstFileW
EnumResourceNamesA
FindFirstFileA
MultiByteToWideChar
SizeofResource
RaiseException
GetProcessHeap
CloseHandle
FindNextFileW
FindResourceExA
GetModuleHandleA
SetLastError
HeapFree
EnumResourceNamesA
LoadResource
EnumResourceLanguagesA
GetCurrentDirectoryA
LoadLibraryW
LocalFree
EnumResourceTypesA
InterlockedExchange
GetCurrencyFormatA
GetLastError
GlobalFree
FormatMessageA
GetCommandLineA
HeapAlloc
GetProcAddress
Sleep

setupapi

CM_Get_Depth
SetupDiGetDeviceRegistryPropertyA
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

Sections

.text
Size: 104KB - Virtual size: 240KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 82KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy