a9b9a5907672a54afa3b984cc5bc170583cc7d002376f8730b7d72635d7c0e1a | Triage

Submit
Reports

Overview

overview

8

Static

static

a9b9a59076...1a.exe

windows7-x64

8

a9b9a59076...1a.exe

windows10-2004-x64

3

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

a9b9a5907672a54afa3b984cc5bc170583cc7d002376f8730b7d72635d7c0e1a.exe

Resource

win7-20221111-en

persistence spyware stealer upx

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

a9b9a5907672a54afa3b984cc5bc170583cc7d002376f8730b7d72635d7c0e1a.exe

Resource

win10v2004-20221111-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

a9b9a5907672a54afa3b984cc5bc170583cc7d002376f8730b7d72635d7c0e1a
Size

178KB
MD5

48242b13fd9c83f63a9cf8165146362c
SHA1

30c15e892b564c3e306c2aba95cc0bf879bc5048
SHA256

a9b9a5907672a54afa3b984cc5bc170583cc7d002376f8730b7d72635d7c0e1a
SHA512

f1aa7018b5947bd4943cdfa84af6ac38b8c89cd526c5da3255296aa70aae621ca6e90fde0088544f48484b318cb505befcc6ba327b98da1649ccf413a151b56e
SSDEEP

3072:aG2dCMJTFT5JIQdgGTq9X92C4dlFOpJ2SM1qcfvuA4ZdRLcr/x41KH5mOiIMI1:bCT5JIQdLqIC4dHTSM1ZuxPxcr/rkOCI

Score

N/A

Malware Config

Signatures

Files

a9b9a5907672a54afa3b984cc5bc170583cc7d002376f8730b7d72635d7c0e1a
.exe windows x86

0fff7e7a3b6bc8249d4f0fddd8b346f7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegQueryValueExA
RegOpenKeyExW
RegCreateKeyW
RegCreateKeyA
RegCreateKeyExW
RegSetValueExA
RegDeleteKeyW
RegOpenKeyExA
RegQueryValueExW
RegCloseKey
RegEnumValueW
RegDeleteValueW

ole32

IIDFromString
CoCreateInstance

psapi

GetModuleBaseNameW

kernel32

lstrcmpiW
FindNextFileA
VirtualQueryEx
HeapSetInformation
CreateEventW
CopyFileW
CreateProcessW
CreateDirectoryExA
LoadLibraryExW
LocalAlloc
GetExitCodeThread
FindFirstFileA
lstrcmpA
EnumResourceNamesW
InterlockedCompareExchange
DeleteFileA
FindClose
Heap32ListNext
SetFileAttributesA
lstrlenW
lstrcmpiA
lstrlenA
MultiByteToWideChar
WideCharToMultiByte
LoadLibraryW
LocalFree
RemoveDirectoryA
GetTempPathA
GetFileAttributesA
DeleteFileW

Sections

.text
Size: 106KB - Virtual size: 106KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tls
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy