de508964ebc1e7d4f6e74161be98fa222a872d0b26f4ec023026efc87632c76f | Triage

Submit
Reports

Overview

overview

7

Static

static

de508964eb...6f.exe

windows7-x64

7

de508964eb...6f.exe

windows10-2004-x64

7

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

de508964ebc1e7d4f6e74161be98fa222a872d0b26f4ec023026efc87632c76f.exe

Resource

win7-20221111-en

spyware stealer

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral2

Sample

de508964ebc1e7d4f6e74161be98fa222a872d0b26f4ec023026efc87632c76f.exe

Resource

win10v2004-20221111-en

windows10-2004-x64

3 signatures

150 seconds

General

Target

de508964ebc1e7d4f6e74161be98fa222a872d0b26f4ec023026efc87632c76f
Size

26KB
MD5

b5e685cac40c7f7ebed5b46961cccb1c
SHA1

8289ec567fd8c41a2642663f0787d796e98e1085
SHA256

de508964ebc1e7d4f6e74161be98fa222a872d0b26f4ec023026efc87632c76f
SHA512

e274f3ea45d15406589837faa667bea02a3c7821a95dbdbe40950f6e19965fa23aae0cd34da041485c07c86643edcbff4d352475de1b2bb6b75660c636694985
SSDEEP

768:d9RCB9ubiSofJHl6NA77git8HrXFt1UEE9FQhVB:ZWubiSofJHl6csB

Score

N/A

Malware Config

Signatures

Files

de508964ebc1e7d4f6e74161be98fa222a872d0b26f4ec023026efc87632c76f
.exe windows x86

8e5b2bea490be1aa130acf6430963eed

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SendMessageA
IsWindowVisible
GetWindowThreadProcessId
FindWindowA
EnumWindows
wsprintfA

kernel32

CloseHandle
CreateFileA
CreateThread
DeleteFileA
ExitProcess
FindClose
FindFirstFileA
FindNextFileA
FindResourceA
GetCurrentProcess
GetLogicalDrives
GetModuleFileNameA
GetModuleHandleA
GetTempPathA
GetTickCount
LoadResource
OpenProcess
RtlZeroMemory
SizeofResource
Sleep
TerminateProcess
WaitForMultipleObjects
WriteFile
lstrcatA
lstrcpyA
lstrlenA
LockResource

shell32

ShellExecuteA

advapi32

AdjustTokenPrivileges
RegQueryValueExA
RegOpenKeyA
RegCloseKey
OpenProcessToken
LookupPrivilegeValueA

shlwapi

StrStrA

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy