bb602a070cce4f7806d8e3558c3fb5d3dfae5df7992d552fc362d60264d605b6 | Triage

Submit
Reports

Overview

overview

Static

static

bb602a070c...b6.exe

windows7-x64

bb602a070c...b6.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

bb602a070cce4f7806d8e3558c3fb5d3dfae5df7992d552fc362d60264d605b6.exe

Resource

win7-20221111-en

discovery evasion persistence spyware stealer trojan upx

windows7-x64

16 signatures

150 seconds

Behavioral task

behavioral2

Sample

bb602a070cce4f7806d8e3558c3fb5d3dfae5df7992d552fc362d60264d605b6.exe

Resource

win10v2004-20221111-en

discovery evasion persistence spyware stealer trojan upx

windows10-2004-x64

17 signatures

150 seconds

General

Target

bb602a070cce4f7806d8e3558c3fb5d3dfae5df7992d552fc362d60264d605b6
Size

1.9MB
MD5

08bd995cb1ae604e08652cbc68bcbfa9
SHA1

21dce6246cbc23a6fa238e7ebb51d56c93216fc8
SHA256

bb602a070cce4f7806d8e3558c3fb5d3dfae5df7992d552fc362d60264d605b6
SHA512

809514a7b6cf6099f73768c180fa25fa797087259d277ec89d5257f7d090fbd9e8b683d47244b9b10a7082018f3eb182747fead5c0868c74900fba301f5b1046
SSDEEP

49152:h8XiQINW/RWHrCCluOE4q3xAVW2OHf9eSFYYxX9I5gGbaM:SXiHW/InluOE4quVW2K0g9I5gGbaM

Score

N/A

Malware Config

Signatures

Files

bb602a070cce4f7806d8e3558c3fb5d3dfae5df7992d552fc362d60264d605b6
.exe windows x86

d7d089945e16957aacb354ccc1be2553

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_CxxThrowException
_filbuf
getc
_CIlog
_wcmdln
_mbscspn

advapi32

LookupPrivilegeValueW
LsaRemoveAccountRights
RegOpenCurrentUser
GetManagedApplications
CommandLineFromMsiDescriptor

gdi32

SetArcDirection
GdiSetPixelFormat
GdiSetLastError
SetROP2
DrawEscape
GetTextFaceAliasW
GdiEntry12

ole32

OleCreateLinkFromDataEx

user32

WindowFromDC

kernel32

HeapAlloc
LocalFileTimeToFileTime
VirtualAlloc
GetCurrentProcess
GetCommandLineA
GetLocaleInfoA
GetProcessHeap
VirtualFree
ExitProcess
GetCurrentThread
GetCommModemStatus
GetModuleHandleA

Sections

.text
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 931KB - Virtual size: 6.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 952KB - Virtual size: 952KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 74KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy