9cf17e8004dcf2357a812dc8f4767a7f9ec64d339a1a398a5b17a936ada11cb9 | Triage

Submit
Reports

Overview

overview

8

Static

static

9cf17e8004...b9.exe

windows7-x64

8

9cf17e8004...b9.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

9cf17e8004dcf2357a812dc8f4767a7f9ec64d339a1a398a5b17a936ada11cb9.exe

Resource

win7-20221111-en

spyware stealer upx

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral2

Sample

9cf17e8004dcf2357a812dc8f4767a7f9ec64d339a1a398a5b17a936ada11cb9.exe

Resource

win10v2004-20221111-en

spyware stealer upx

windows10-2004-x64

3 signatures

150 seconds

General

Target

9cf17e8004dcf2357a812dc8f4767a7f9ec64d339a1a398a5b17a936ada11cb9
Size

188KB
MD5

f90192c186bb6c47f6b045327fecedf6
SHA1

2a14e9fb22ec4b235132f87ee688c1f5be0bd3b6
SHA256

9cf17e8004dcf2357a812dc8f4767a7f9ec64d339a1a398a5b17a936ada11cb9
SHA512

caf3c4783322af18547eace1a57626f52ad042b79e8f5d40ae0e91e67805326d8ecfd1e317eed77717651da8cfb5810f815967a03c14d2af6cab2a98f7fddd29
SSDEEP

3072:ApcBwtLPHdQkCsAt10n0qpUyboPCkliK/PeDKU7i5SEQT3IOZWJUZQ:ApcitDtC4LxJklDeykjIOZpZQ

Score

N/A

Malware Config

Signatures

Files

9cf17e8004dcf2357a812dc8f4767a7f9ec64d339a1a398a5b17a936ada11cb9
.exe windows x86

b53126277fadbe166dc74f82bac1e7d0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

shell32

ShellExecuteA
Shell_NotifyIconA

oleacc

CreateStdAccessibleObject

shlwapi

StrRetToStrA
SHCreateStreamOnFileEx
PathIsContentTypeA
PathAppendA
PathIsFileSpecA
PathCreateFromUrlW

kernel32

lstrcmpiW
FindAtomA
LocalFree
lstrlenW
OutputDebugStringA
GetFileInformationByHandle
ExitProcess
GetCurrentProcess
MultiByteToWideChar
OutputDebugStringW
CreateDirectoryW
SetEnvironmentVariableW
EnumResourceLanguagesA
DuplicateHandle
WideCharToMultiByte
SetLastError
VirtualProtect
GetCurrentThreadId
GetModuleHandleA
GetStringTypeExW
VirtualQuery
SearchPathW
GetModuleFileNameW
LocalAlloc
GetFileAttributesW
GetCurrentDirectoryW
InterlockedExchange

Sections

.text
Size: 98KB - Virtual size: 237KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 87KB - Virtual size: 87KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy