a4cd3a0f94b0a5c50402bc790266d77bb30fd5edf2cf7b4662d3256ea7254e0d | Triage

Submit
Reports

Overview

overview

8

Static

static

a4cd3a0f94...0d.exe

windows7-x64

8

a4cd3a0f94...0d.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

a4cd3a0f94b0a5c50402bc790266d77bb30fd5edf2cf7b4662d3256ea7254e0d.exe

Resource

win7-20220812-en

spyware stealer upx

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

a4cd3a0f94b0a5c50402bc790266d77bb30fd5edf2cf7b4662d3256ea7254e0d.exe

Resource

win10v2004-20220901-en

spyware stealer upx

windows10-2004-x64

3 signatures

150 seconds

General

Target

a4cd3a0f94b0a5c50402bc790266d77bb30fd5edf2cf7b4662d3256ea7254e0d
Size

188KB
MD5

327fded347acda130204f6f0e15b54bb
SHA1

d7c68d4438acd66425437a346beda4eec6f78e00
SHA256

a4cd3a0f94b0a5c50402bc790266d77bb30fd5edf2cf7b4662d3256ea7254e0d
SHA512

c096d934618878342c7f2ab9019a8d3104180ce9ac86d68ce45a4268d73f158f7c942c69f1278a2393aa9e7272a0262a3c659d21304d02d067fa730c8b937880
SSDEEP

3072:h+W49BFQ6pNSLJsCqgURsGZuK3sMiNBdimP6NwecrLelVyqQDGXhFl5IQp:h+lFLN0qgYsGhtsiTRcrCjyzGl5I

Score

N/A

Malware Config

Signatures

Files

a4cd3a0f94b0a5c50402bc790266d77bb30fd5edf2cf7b4662d3256ea7254e0d
.exe windows x86

57dd8beac2f51b22be25fb07efc85531

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

setupapi

CM_Get_Depth
SetupDiGetDeviceRegistryPropertyW
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

user32

CharNextA
CharUpperA
GetWindowThreadProcessId
EnumWindows
KillTimer
GetWindowTextA
GetMessageA
DispatchMessageA
SetTimer
PostThreadMessageA
MessageBoxA
wsprintfW
LoadStringA
IsWindowVisible
PeekMessageA
wsprintfA

kernel32

GlobalAddAtomW
InterlockedExchange
LockResource
MultiByteToWideChar
HeapAlloc
GetLastError
LoadResource
EnumResourceTypesW
FindFirstFileA
GetProcAddress
GetModuleHandleW
GetCurrentDirectoryW
FindNextFileA
EnumResourceNamesA
RaiseException
LoadLibraryA
GlobalFree
LocalFree
FindResourceExW
HeapFree
GetDateFormatA
FindFirstFileW
SetLastError
EnumResourceNamesW
GetProcessHeap
FormatMessageW
CloseHandle
EnumResourceLanguagesW
SizeofResource
GetCommandLineW
Sleep

Sections

.text
Size: 100KB - Virtual size: 236KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 84KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy