68cab18542b5958320f00dcdc87d5ff9a282596cb13a8ee120a105dff89182e1 | Triage

Submit
Reports

Overview

overview

Static

static

68cab18542...e1.exe

windows7-x64

68cab18542...e1.exe

windows10-2004-x64

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

68cab18542b5958320f00dcdc87d5ff9a282596cb13a8ee120a105dff89182e1.exe

Resource

win7-20220812-en

persistence spyware stealer upx

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

68cab18542b5958320f00dcdc87d5ff9a282596cb13a8ee120a105dff89182e1.exe

Resource

win10v2004-20220901-en

persistence spyware stealer upx

windows10-2004-x64

4 signatures

150 seconds

General

Target

68cab18542b5958320f00dcdc87d5ff9a282596cb13a8ee120a105dff89182e1
Size

170KB
MD5

0a09affacdb12a3784cde428adde7b06
SHA1

9b156b9e459df4c604abc5e526e53f2c70e21b34
SHA256

68cab18542b5958320f00dcdc87d5ff9a282596cb13a8ee120a105dff89182e1
SHA512

54a5c97ec1078e116ea2ec253a6ffb2fb89e7ab38a6abc24394a633a7dc250ad0f7308ac8f870462c993bad623a31b9960da3a60f4fb6e75b8b845eecab82827
SSDEEP

3072:WeC6955R6FbECFejIAMmPhjLr5A1cQ+2mM6TZPZfyz7:zjgFQVZh3dAmQRNIZxfyz7

Score

N/A

Malware Config

Signatures

Files

68cab18542b5958320f00dcdc87d5ff9a282596cb13a8ee120a105dff89182e1
.exe windows x86

87b3ffe0dd83465c60f0d61547ec7166

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapSize
GlobalGetAtomNameA
GetDateFormatA
IsValidCodePage
SetFilePointer
GetOEMCP
GetACP
SetStdHandle
TlsAlloc
MultiByteToWideChar
EnumResourceNamesW
TlsGetValue
WriteConsoleA
HeapReAlloc
WideCharToMultiByte
GetTimeFormatA
TlsSetValue
GetCPInfo
GetLocaleInfoA
VirtualAlloc
GetConsoleOutputCP
RtlUnwind
RaiseException

user32

LoadStringA
DispatchMessageW
PeekMessageA
GetDesktopWindow
CharNextA
MessageBoxA
DispatchMessageA
wsprintfA

rpcrt4

RpcStringFreeA

shell32

SHGetSpecialFolderLocation
SHBrowseForFolderA
SHAppBarMessage
DragAcceptFiles
ShellExecuteExA
SHGetPathFromIDListA
SHGetFileInfoA
Shell_NotifyIconA

Sections

.text
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 87KB - Virtual size: 478KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy