a648f60d0d9122b35e1b0d915e23d0574e00206b3b58bc5d9ad8a7e06859478f | Triage

Submit
Reports

Overview

overview

8

Static

static

a648f60d0d...8f.exe

windows7-x64

8

a648f60d0d...8f.exe

windows10-2004-x64

8

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

a648f60d0d9122b35e1b0d915e23d0574e00206b3b58bc5d9ad8a7e06859478f.exe

Resource

win7-20221111-en

spyware stealer upx

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral2

Sample

a648f60d0d9122b35e1b0d915e23d0574e00206b3b58bc5d9ad8a7e06859478f.exe

Resource

win10v2004-20220901-en

spyware stealer upx

windows10-2004-x64

3 signatures

150 seconds

General

Target

a648f60d0d9122b35e1b0d915e23d0574e00206b3b58bc5d9ad8a7e06859478f
Size

187KB
MD5

c5cce0df042d78d29e752c4410af83af
SHA1

cf0883e3854146b5f09454e03ec180ba4f026cf8
SHA256

a648f60d0d9122b35e1b0d915e23d0574e00206b3b58bc5d9ad8a7e06859478f
SHA512

885a93e8576534051f06b8b6a3370b1548f7647fa67c222acd94d7a5680a714b4d1e89f265589bee22b3348f2d9dc28be64b56c86e6ff45849a02a84efbcd670
SSDEEP

3072:uDcG3ovjaNx39Vio5FeISGOOC4fBurNOAHrc1hHsplP2mND6VOavmMbemTmVcWq9:kcZvjaN99jlrBqNOYr0GPJRsvmMbeom1

Score

N/A

Malware Config

Signatures

Files

a648f60d0d9122b35e1b0d915e23d0574e00206b3b58bc5d9ad8a7e06859478f
.exe windows x86

8ad9075d8f8d2b26c70ba056f9532c14

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcessId
SetStdHandle
GetTimeFormatA
GetAtomNameA
MultiByteToWideChar
GetACP
FreeLibrary
UnhandledExceptionFilter
InitializeCriticalSection
GetCPInfo
WriteFile
RtlUnwind
GetDateFormatA
LeaveCriticalSection
GetOEMCP
EnumResourceNamesA
EnterCriticalSection
IsDebuggerPresent
HeapReAlloc
GetLocaleInfoA
HeapSize
GetSystemTimeAsFileTime
SetFilePointer
GetCurrentProcess
GetStringTypeW
IsValidCodePage
SetUnhandledExceptionFilter
WriteConsoleA
VirtualAlloc
LoadLibraryA
GetConsoleOutputCP
TerminateProcess
RaiseException

shlwapi

SHCreateStreamOnFileW
PathAppendA
SHCreateStreamOnFileEx
PathIsFileSpecA
PathIsContentTypeA
PathCreateFromUrlW

rpcrt4

RpcStringFreeA

Sections

.text
Size: 94KB - Virtual size: 233KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 90KB - Virtual size: 89KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy