96911adb0d7235404607cb26fdc8fff30f561e221484bc946d4d739c7ea0b7c1 | Triage

Submit
Reports

Overview

overview

8

Static

static

96911adb0d...c1.exe

windows7-x64

8

96911adb0d...c1.exe

windows10-2004-x64

8

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

96911adb0d7235404607cb26fdc8fff30f561e221484bc946d4d739c7ea0b7c1.exe

Resource

win7-20221111-en

discovery persistence spyware stealer upx

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

96911adb0d7235404607cb26fdc8fff30f561e221484bc946d4d739c7ea0b7c1.exe

Resource

win10v2004-20221111-en

discovery persistence upx

windows10-2004-x64

5 signatures

150 seconds

General

Target

96911adb0d7235404607cb26fdc8fff30f561e221484bc946d4d739c7ea0b7c1
Size

815KB
MD5

a751150ba316f4b1c71d01fcd6ab6713
SHA1

62a0ab3fe0d15c35a4fa69a3a479c853af954281
SHA256

96911adb0d7235404607cb26fdc8fff30f561e221484bc946d4d739c7ea0b7c1
SHA512

616b0525c01a9ce00bea6df6b6ce497957093938b775941eb3d0d47934e6f577458331cc158a031ad1aa62c9e5795e1f2873883085693e2efe0c3b308528a18b
SSDEEP

24576:WLm1YdtHcFXA/2/qAViqfW5VYeae5CumH7zK:7Ydt8FQ/2tIzBeb

Score

N/A

Malware Config

Signatures

Files

96911adb0d7235404607cb26fdc8fff30f561e221484bc946d4d739c7ea0b7c1
.exe windows x86

a45739725ec1e379c6b7acfb72a44760

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

dsprop

MsgBox
ErrMsg

clbcatq

CheckMemoryGates
DllGetClassObject

uxtheme

CloseThemeData
DrawThemeEdge
GetThemeTextExtent
GetThemeSysSize
GetThemeColor
DrawThemeBackground
GetThemeEnumValue
GetThemeTextMetrics
GetWindowTheme

msasn1

ASN1BERDecCheck
ASN1BERDecBool

ntshrui

IsFolderPrivateForUser
GetLocalPathFromNetResourceA

kernel32

SetFileAttributesA
VirtualProtect
CreateNamedPipeA
lstrcpynA
GetPrivateProfileSectionA
LoadLibraryA
GetProcAddress
PurgeComm
GetLogicalDrives
IsBadStringPtrA
FoldStringA
lstrcmpiA
GetCurrentDirectoryA
CreatePipe
FindResourceA

Sections

.code
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 802KB - Virtual size: 2.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2024

Terms | Privacy