f94525455697a6378faa9c0306a7b9dfdd42057cd41296e0746d5e5d9904c41c | Triage

Submit
Reports

Overview

overview

Static

static

f945254556...1c.exe

windows7-x64

f945254556...1c.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

f94525455697a6378faa9c0306a7b9dfdd42057cd41296e0746d5e5d9904c41c.exe

Resource

win7-20220812-en

evasion persistence spyware stealer upx

windows7-x64

15 signatures

150 seconds

Behavioral task

behavioral2

Sample

f94525455697a6378faa9c0306a7b9dfdd42057cd41296e0746d5e5d9904c41c.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

f94525455697a6378faa9c0306a7b9dfdd42057cd41296e0746d5e5d9904c41c
Size

171KB
MD5

819f3e8b288102b4620b65442c1ab9bb
SHA1

73eed876e39d83ad1892c287051e25405b6e0e48
SHA256

f94525455697a6378faa9c0306a7b9dfdd42057cd41296e0746d5e5d9904c41c
SHA512

e84ff2977413f75266a3743038fec09c346a294a40784458a267a7dc043f0fc733e5119fa1a05b37ab34c29df885eb3349e194bdc7b0ba144651336e15e3322f
SSDEEP

3072:LBGRv6aKQeSkOzfv2jW7kXJ5GwyPETwpBUfFg6uE1vci+C3TAyJOWp:LBGRvrKXLkv2OkXJ5GwyPSZF/pci+8J3

Score

N/A

Malware Config

Signatures

Files

f94525455697a6378faa9c0306a7b9dfdd42057cd41296e0746d5e5d9904c41c
.exe windows x86

887016076ff752998424737d3d9ccad1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

mciSendCommandW
sndPlaySoundW

kernel32

LoadLibraryExW
HeapAlloc
InterlockedIncrement
AddAtomW
GetModuleHandleA
GetEnvironmentVariableW
GetLastError
SetLastError
CreateFileA
GetVersionExW
CreateFileMappingA
GetModuleHandleW
UnmapViewOfFile
GetProcessHeap
TlsFree
MapViewOfFile
GetProcAddress
ExitProcess
HeapFree
EnumResourceNamesA
TlsSetValue
GetConsoleCP
VerLanguageNameA
GetConsoleMode
InterlockedDecrement
TlsAlloc
GetTempPathW
WriteConsoleW
GetVersionExA
FlushFileBuffers
CreateFileW
TlsGetValue
Sleep

setupapi

CM_Get_Depth_Ex
SetupDiGetDeviceRegistryPropertyA
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

shlwapi

PathAddBackslashW

Sections

.text
Size: 93KB - Virtual size: 92KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 75KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy