f5dab40c2c0ce3342541e7114f652a04978d8d056fb90b3b5e364972644d0eea | Triage

Submit
Reports

Overview

overview

8

Static

static

f5dab40c2c...ea.exe

windows7-x64

8

f5dab40c2c...ea.exe

windows10-2004-x64

3

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

f5dab40c2c0ce3342541e7114f652a04978d8d056fb90b3b5e364972644d0eea.exe

Resource

win7-20221111-en

spyware stealer upx

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral2

Sample

f5dab40c2c0ce3342541e7114f652a04978d8d056fb90b3b5e364972644d0eea.exe

Resource

win10v2004-20221111-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

f5dab40c2c0ce3342541e7114f652a04978d8d056fb90b3b5e364972644d0eea
Size

187KB
MD5

a73818f2ee609f9867d7012afe757864
SHA1

88612f3b9aa3b9b5e6dd5771c121de5aaf60c3d2
SHA256

f5dab40c2c0ce3342541e7114f652a04978d8d056fb90b3b5e364972644d0eea
SHA512

81b9c7181c4018c113a423e9f6da15e8862eda9e18b310ead78750c9259e6f1fb35f428e45ee2cf74f9b15821085fbd74da4e7853c6750ba3a04df3328ed54e8
SSDEEP

3072:Nb4jdkxDFsTEOMQYvKcEIqhMeUc1QADrQrcPnE3uNF4oES7YxhyJrql1Xi:Sj+xuvMccCfBQAnFNcrTiRql1

Score

N/A

Malware Config

Signatures

Files

f5dab40c2c0ce3342541e7114f652a04978d8d056fb90b3b5e364972644d0eea
.exe windows x86

256c0179d5d9ee343a91126353d1f4dd

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetAtomNameA
TlsGetValue
GetTimeFormatA
GetACP
IsValidCodePage
TlsSetValue
RtlUnwind
GetCPInfo
TlsAlloc
SetFilePointer
HeapReAlloc
GetLocaleInfoA
EnumResourceNamesW
GetConsoleOutputCP
GetDateFormatA
WriteConsoleA
VirtualAlloc
CreateToolhelp32Snapshot
GetOEMCP
SetStdHandle
HeapSize
MultiByteToWideChar
RaiseException

user32

DispatchMessageA
PeekMessageA
LoadStringA
GetDesktopWindow
DispatchMessageW
CharNextA
MessageBoxA
wsprintfA

rpcrt4

RpcStringFreeA

shell32

SHGetUnreadMailCountW
SHGetFileInfoA
DragAcceptFiles
SHBrowseForFolderA
ShellExecuteExA
SHGetPathFromIDListA
SHAppBarMessage
Shell_NotifyIconA

Sections

.text
Size: 90KB - Virtual size: 90KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 93KB - Virtual size: 229KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy