bff8dc7dcba461487e8927033d7c61a654c0a9d323f4e1d873b9582cac662f6a | Triage

Submit
Reports

Overview

overview

8

Static

static

bff8dc7dcb...6a.exe

windows7-x64

8

bff8dc7dcb...6a.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

bff8dc7dcba461487e8927033d7c61a654c0a9d323f4e1d873b9582cac662f6a.exe

Resource

win7-20220812-en

spyware stealer upx

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral2

Sample

bff8dc7dcba461487e8927033d7c61a654c0a9d323f4e1d873b9582cac662f6a.exe

Resource

win10v2004-20220812-en

spyware stealer upx

windows10-2004-x64

3 signatures

150 seconds

General

Target

bff8dc7dcba461487e8927033d7c61a654c0a9d323f4e1d873b9582cac662f6a
Size

186KB
MD5

434ca9a5565b719c156c141df86dd1e1
SHA1

7601eb4f3491ecc7689ae43744c8ce7cd14fdc2c
SHA256

bff8dc7dcba461487e8927033d7c61a654c0a9d323f4e1d873b9582cac662f6a
SHA512

7fc3c6660cca2c33d5223523b7b07e17380c322294d67f6cf24c473d224cce85effe7b01bb2456dd14611172fd4fc58eb011efc9c90bc9b1513997610608a5d2
SSDEEP

3072:PuwxmhbB4ksHPDM8u5OkOXpzlZibaLIAh2KZkVX59jpqzIaskBFpZv6cntOH/9Ot:PumQWksHPDM8AOkOXpzlkr/KZ2PjpbaT

Score

N/A

Malware Config

Signatures

Files

bff8dc7dcba461487e8927033d7c61a654c0a9d323f4e1d873b9582cac662f6a
.exe windows x86

b5dffc223799a4b83b610d785f128eb5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetStdHandle
GetAtomNameA
GetTimeFormatA
WriteConsoleA
HeapReAlloc
MultiByteToWideChar
GetOEMCP
RtlUnwind
SetFilePointer
GetDateFormatA
EnumResourceTypesA
VirtualAlloc
HeapSize
GetCPInfo
GetLocaleInfoA
GetConsoleOutputCP
CreateToolhelp32Snapshot
IsValidCodePage
GetACP
TlsSetValue
TlsGetValue
TlsAlloc
RaiseException

shell32

SHGetUnreadMailCountW
SHGetFileInfoA
SHBrowseForFolderA
ShellExecuteExA
SHGetPathFromIDListA
SHAppBarMessage
DragAcceptFiles
Shell_NotifyIconA

rpcrt4

RpcStringFreeA

user32

DispatchMessageA
LoadStringA
GetDesktopWindow
CharNextA
PeekMessageA
DispatchMessageW
MessageBoxA
wsprintfA

Sections

.text
Size: 85KB - Virtual size: 85KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 97KB - Virtual size: 233KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy