92249c715ecd5986e7b201c79904bdc8be7bd0415e8ec7d0abd4bd251639e172 | Triage

Submit
Reports

Overview

overview

8

Static

static

92249c715e...72.exe

windows7-x64

8

92249c715e...72.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

92249c715ecd5986e7b201c79904bdc8be7bd0415e8ec7d0abd4bd251639e172.exe

Resource

win7-20220812-en

bootkit persistence spyware stealer upx

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

92249c715ecd5986e7b201c79904bdc8be7bd0415e8ec7d0abd4bd251639e172.exe

Resource

win10v2004-20220812-en

bootkit persistence spyware stealer upx

windows10-2004-x64

8 signatures

150 seconds

General

Target

92249c715ecd5986e7b201c79904bdc8be7bd0415e8ec7d0abd4bd251639e172
Size

431KB
MD5

22c6de6d38da016cad90b4f87fa60c22
SHA1

dde05273888ff94fd80a1d147ed3dd536720a48b
SHA256

92249c715ecd5986e7b201c79904bdc8be7bd0415e8ec7d0abd4bd251639e172
SHA512

3e3c2cc28890773d6cafa15668f0453a1b43ed3e2703f95f0c0fa45d221f7e8b75cfd02e0ad452d56e5efbd8837737eafc8f3cc1fcbe56bb510565f8a9d41f59
SSDEEP

12288:2MtRAonOnby9ZvLqKoBEqAsQGtqZQ2C79m:2CPLKBEqAsRtqE9

Score

N/A

Malware Config

Signatures

Files

92249c715ecd5986e7b201c79904bdc8be7bd0415e8ec7d0abd4bd251639e172
.exe windows x86

f7f934911fdaefe09119c1f04e74f497

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
GetStartupInfoA
LoadLibraryA
GetProcessHeap
GetModuleHandleA
VirtualAlloc

advapi32

RegOpenKeyA
RegCloseKey

Sections

.text
Size: 403KB - Virtual size: 403KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 216B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.oti1
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.oti5
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.oti2
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.oti3
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.oti4
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.oti6
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy