bf4dbbb47a1e6db2d3bb26d651a2e2f67f50462187d1f0040fcec744a48da831 | Triage

Submit
Reports

Overview

overview

8

Static

static

bf4dbbb47a...31.exe

windows7-x64

8

bf4dbbb47a...31.exe

windows10-2004-x64

8

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

bf4dbbb47a1e6db2d3bb26d651a2e2f67f50462187d1f0040fcec744a48da831.exe

Resource

win7-20220901-en

persistence spyware stealer

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

bf4dbbb47a1e6db2d3bb26d651a2e2f67f50462187d1f0040fcec744a48da831.exe

Resource

win10v2004-20221111-en

windows10-2004-x64

10 signatures

150 seconds

General

Target

bf4dbbb47a1e6db2d3bb26d651a2e2f67f50462187d1f0040fcec744a48da831
Size

487KB
MD5

aeec7986eac90bd21f0031b81aeeb25e
SHA1

5d9b17e5c9247fadfe851e443e381b48e84746b1
SHA256

bf4dbbb47a1e6db2d3bb26d651a2e2f67f50462187d1f0040fcec744a48da831
SHA512

5584e773024b84755d30244ab1d4e17eec1a7e32754b8e9cffb07306f5b48c55fab1bdab4c25e5e69bfe1d37c8bf42dbea445fde88b0c79d8b78358ae58fef3b
SSDEEP

12288:vtModOXaZYvpJ3VULSsRFUredSY9wM1gDBVrQET3twL8+EOoKq:vtMoAaqHgSRyZwzv1SoKq

Score

N/A

Malware Config

Signatures

Files

bf4dbbb47a1e6db2d3bb26d651a2e2f67f50462187d1f0040fcec744a48da831
.exe windows x86

7d4d9c380d3e1156cb731140c478e21d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LockResource
LoadResource
SizeofResource
FindResourceA
GetModuleFileNameA
GetCurrentProcess
IsDebuggerPresent
CreateMutexA
OpenMutexA
OpenProcess
GetCurrentProcessId
CloseHandle
GetModuleHandleA
ExitProcess
GetProcAddress
GetStartupInfoA

user32

MessageBoxA

advapi32

LookupPrivilegeValueA
OpenProcessToken
AdjustTokenPrivileges

msvcrt

_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
__dllonexit
_onexit

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 320B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 482KB - Virtual size: 482KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy