bf6ea1e0b0d2e4dc87b909b0acc9021f3ea8b542af8dc7572e318b54f0493e4c | Triage

Submit
Reports

Overview

overview

8

Static

static

bf6ea1e0b0...4c.exe

windows7-x64

8

bf6ea1e0b0...4c.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

bf6ea1e0b0d2e4dc87b909b0acc9021f3ea8b542af8dc7572e318b54f0493e4c.exe

Resource

win7-20220812-en

persistence spyware stealer upx

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

bf6ea1e0b0d2e4dc87b909b0acc9021f3ea8b542af8dc7572e318b54f0493e4c.exe

Resource

win10v2004-20221111-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

bf6ea1e0b0d2e4dc87b909b0acc9021f3ea8b542af8dc7572e318b54f0493e4c
Size

177KB
MD5

4040937c69af7f14c948ee722f9fe26f
SHA1

a13e37ddcd1da45a97e8ff7c2710e45b57c04ebe
SHA256

bf6ea1e0b0d2e4dc87b909b0acc9021f3ea8b542af8dc7572e318b54f0493e4c
SHA512

9981620571019c533c72910a01dfeceba3828151d015506b3dd8f6e347cec9fc5bfd2da94a22a7bbf1a488978488ad566c1bcecbe27b974b48e508df7b90bc22
SSDEEP

3072:A4vLb1/FIyirk7WmDuKPRm6Aw9n5a6cZX/QKxd8/EAsUlU4Yx/eiQ6AJVwe:b/1/F/j7WmDuSRm6Asn5xa/hLKZDlTi6

Score

N/A

Malware Config

Signatures

Files

bf6ea1e0b0d2e4dc87b909b0acc9021f3ea8b542af8dc7572e318b54f0493e4c
.exe windows x86

eb3d21a829dca7ee08bda100b6a1807b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

psapi

GetModuleBaseNameW

kernel32

HeapSetInformation
SetFileAttributesA
VirtualQueryEx
GetTempPathA
CreateEventW
lstrcmpiW
FindNextFileA
WideCharToMultiByte
lstrlenW
CopyFileW
DeleteFileA
GetFileAttributesA
lstrcmpiA
InterlockedCompareExchange
FindClose
MultiByteToWideChar
EnumResourceNamesW
Heap32ListNext
CreateProcessW
LocalFree
lstrlenA
lstrcmpA
FindFirstFileA
LoadLibraryExW
LoadLibraryW
LocalAlloc
CreateDirectoryExA
RemoveDirectoryA
GetExitCodeThread
DeleteFileW

advapi32

RegOpenKeyExA
RegOpenKeyExW
RegDeleteKeyW
RegCloseKey
RegSetValueExA
RegCreateKeyW
RegQueryValueExW
RegEnumValueW
RegCreateKeyExW
RegQueryValueExA
RegCreateKeyA
RegDeleteValueW

ole32

IIDFromString
CoCreateInstance

Sections

.text
Size: 105KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tls
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 69KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy