aa7f38d6b997453882756d733ab1e49e11c02542014e7a1ab87d226a7bf668b5 | Triage

Submit
Reports

Overview

overview

Static

static

aa7f38d6b9...b5.exe

windows7-x64

aa7f38d6b9...b5.exe

windows10-2004-x64

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

aa7f38d6b997453882756d733ab1e49e11c02542014e7a1ab87d226a7bf668b5.exe

Resource

win7-20220812-en

persistence spyware stealer upx

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

aa7f38d6b997453882756d733ab1e49e11c02542014e7a1ab87d226a7bf668b5.exe

Resource

win10v2004-20221111-en

persistence spyware stealer upx

windows10-2004-x64

4 signatures

150 seconds

General

Target

aa7f38d6b997453882756d733ab1e49e11c02542014e7a1ab87d226a7bf668b5
Size

165KB
MD5

50eef0addfbeecbcc1adc80b3dddcc20
SHA1

f3b7e82ed166596c7aa2e0eb7c0e257232e66b38
SHA256

aa7f38d6b997453882756d733ab1e49e11c02542014e7a1ab87d226a7bf668b5
SHA512

2b26654ca8953eb0d4daf6a24a486c328f15f19c4771d8aa277e198c8904a524da9e01dceeace9a5dfd99f6a6f81ad993a4112d50cdaecf2d5cf8bba2bbcdd96
SSDEEP

3072:PJmHHdiMT3tjUtgoPeBE4kb+FtP7NV6895hPv3dx6JBxUB8vmNyMyuSZd+:P6HpT3tlceBHkyFtP7jb93Xd459viwT

Score

N/A

Malware Config

Signatures

Files

aa7f38d6b997453882756d733ab1e49e11c02542014e7a1ab87d226a7bf668b5
.exe windows x86

9292f680cb63c6b09ff3b03262cbdf77

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalGetAtomNameW
GetCPInfo
GetLocaleInfoA
GetTimeFormatA
GetConsoleOutputCP
RtlUnwind
TlsAlloc
MultiByteToWideChar
HeapSize
SetFilePointer
EnumResourceTypesA
TlsSetValue
SetStdHandle
TlsGetValue
GetOEMCP
SetThreadLocale
WriteConsoleA
VirtualAlloc
IsValidCodePage
GetDateFormatA
HeapReAlloc
GetACP
RaiseException

user32

LoadStringA
PeekMessageA
DispatchMessageW
DispatchMessageA
MessageBoxA
CharNextA
GetDesktopWindow
wsprintfA

shell32

SHGetDataFromIDListW
DragAcceptFiles
SHGetFileInfoA
SHGetPathFromIDListA
SHBrowseForFolderA
ShellExecuteExA
Shell_NotifyIconA

rpcrt4

RpcStringFreeA

Sections

.text
Size: 85KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 77KB - Virtual size: 473KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy