e1b5c694f1b6c34ce93050dde2dbc7b7b0472d25ad1f19cc7d5b591d401c8d10 | Triage

Submit
Reports

Overview

overview

8

Static

static

e1b5c694f1...10.exe

windows7-x64

8

e1b5c694f1...10.exe

windows10-2004-x64

8

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

e1b5c694f1b6c34ce93050dde2dbc7b7b0472d25ad1f19cc7d5b591d401c8d10.exe

Resource

win7-20220812-en

spyware stealer upx

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral2

Sample

e1b5c694f1b6c34ce93050dde2dbc7b7b0472d25ad1f19cc7d5b591d401c8d10.exe

Resource

win10v2004-20220812-en

spyware stealer upx

windows10-2004-x64

3 signatures

150 seconds

General

Target

e1b5c694f1b6c34ce93050dde2dbc7b7b0472d25ad1f19cc7d5b591d401c8d10
Size

179KB
MD5

1d663e203a8bc49978367a9476c0ee21
SHA1

bc564e7679fcb6b34839cfb8ab9c5b21b973dd79
SHA256

e1b5c694f1b6c34ce93050dde2dbc7b7b0472d25ad1f19cc7d5b591d401c8d10
SHA512

3cd7b2d9a900b1840326eacb356fa68b1789586d16d7f9eb4be3c09fffd58ecc6143f9c631234b47c5d818e451d12cb9ea0e1bc27ffe34425eb9f514dd85c9e2
SSDEEP

3072:fLz1cl4Nko7XLNVYGr+eJqdjlhE+xt9UZETs+N2VKKRc67Yi/5x6sL:9cl4NN77fFJqdjfE+xtRY+NZUYiWsL

Score

N/A

Malware Config

Signatures

Files

e1b5c694f1b6c34ce93050dde2dbc7b7b0472d25ad1f19cc7d5b591d401c8d10
.exe windows x86

bd28587d6707412ef29c455700d9f309

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTickCount
GetProcAddress
GlobalGetAtomNameA
DeleteCriticalSection
lstrlenW
LoadLibraryA
GetModuleHandleW
GetPrivateProfileStringW
MultiByteToWideChar
FindClose
GetVersionExW
WritePrivateProfileStringW
EnumResourceTypesA
FindFirstFileW
LoadResource
GetVersionExA
InitializeCriticalSection
FreeLibrary
GlobalSize
GetDllDirectoryW
LoadLibraryW
MulDiv
LockResource
Sleep
GetModuleFileNameW
GetPrivateProfileIntW
GetLocaleInfoW

wininet

HttpSendRequestA
InternetCloseHandle
HttpOpenRequestA
InternetConnectA
InternetErrorDlg
InternetOpenA
InternetCrackUrlA
InternetReadFile
InternetTimeToSystemTime
HttpQueryInfoA
InternetTimeFromSystemTime

shell32

DllGetVersion
SHGetPathFromIDListA
ShellExecuteExA
SHGetFileInfoA
SHFileOperationW
ShellExecuteW
SHGetFolderPathW
SHBrowseForFolderA
ShellExecuteExW
CommandLineToArgvW
Shell_NotifyIconA

Sections

.text
Size: 82KB - Virtual size: 81KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 149KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 94KB - Virtual size: 94KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy