7843c15a9a9d93ac47d67161f0bb660005e9b113fa35f741fba24841fe0ad56f | Triage

Submit
Reports

Overview

overview

8

Static

static

7843c15a9a...6f.exe

windows7-x64

8

7843c15a9a...6f.exe

windows10-2004-x64

8

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

7843c15a9a9d93ac47d67161f0bb660005e9b113fa35f741fba24841fe0ad56f.exe

Resource

win7-20220812-en

discovery persistence spyware stealer upx

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

7843c15a9a9d93ac47d67161f0bb660005e9b113fa35f741fba24841fe0ad56f.exe

Resource

win10v2004-20221111-en

windows10-2004-x64

2 signatures

150 seconds

General

Target

7843c15a9a9d93ac47d67161f0bb660005e9b113fa35f741fba24841fe0ad56f
Size

828KB
MD5

133bf400bff37be7a2f441a3f6d2f2ee
SHA1

00c27bf601e0e0543e42e7a0750f077d88dc63c0
SHA256

7843c15a9a9d93ac47d67161f0bb660005e9b113fa35f741fba24841fe0ad56f
SHA512

b486b20267f0708c55a8fbb9fedc0c6be245a91d7f06087cc6f6d6ad8b468510626a53a7f2d9295ff88de57d8c87fc625c15fe9fa4762ef41b4d7161d5e1c641
SSDEEP

12288:hS9UbS+aTyCqnI1oThbeFimjhOUmH7N1aEPaC66XBgbWZihYSioAz0k72NCry:hSC4TyCJCVi01UmHax4AWZNDokeNCr

Score

N/A

Malware Config

Signatures

Files

7843c15a9a9d93ac47d67161f0bb660005e9b113fa35f741fba24841fe0ad56f
.exe windows x86

42120ce5ed77a2481a7321e3b2260276

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetDiskFreeSpaceW
GetShortPathNameA
GetModuleHandleA
GetProcessHeap
lstrcatA
GetTimeFormatA
GetLastError
GetPrivateProfileIntW
GetCurrentDirectoryA
GetEnvironmentVariableW
WriteFile
HeapFree
VirtualProtect
GetStringTypeA
CompareStringW
GetVolumeInformationA
CreateMailslotW
lstrcmpW
ReadConsoleW

es

NotifyLogonUser
NotifyLogoffUser
ServiceMain
LCEControlServer

Sections

.text
Size: 20KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.adata
Size: 1024B - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.qdata
Size: 804KB - Virtual size: 3.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.cdata
Size: 1024B - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy