4437cf01698d4edeb6e9cb9c9850f68b43d929e23f7035136779a749b7af57db | Triage

Submit
Reports

Overview

overview

8

Static

static

4437cf0169...db.exe

windows7-x64

8

4437cf0169...db.exe

windows10-2004-x64

8

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

4437cf01698d4edeb6e9cb9c9850f68b43d929e23f7035136779a749b7af57db.exe

Resource

win7-20220812-en

discovery persistence spyware stealer upx

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

4437cf01698d4edeb6e9cb9c9850f68b43d929e23f7035136779a749b7af57db.exe

Resource

win10v2004-20221111-en

windows10-2004-x64

2 signatures

150 seconds

General

Target

4437cf01698d4edeb6e9cb9c9850f68b43d929e23f7035136779a749b7af57db
Size

828KB
MD5

207d824eeb2ebb409d515b51acb7b19f
SHA1

006782247484d5c87e1da40dc156828d6f9371eb
SHA256

4437cf01698d4edeb6e9cb9c9850f68b43d929e23f7035136779a749b7af57db
SHA512

82249f475f434d086a83b24df297949d2dd9dffa0ed3366ab296d6466bed1c63ef017d0af83694f15c650a88b45a5cda1c5f4bf8567662ddb133f84bf87faa8c
SSDEEP

12288:uwkm1aTd16QX6tTYL3EQL8VkFjmBoaVVWkouj7YqiysUap17uK/LVr:5kmg57ZL068V8jmBjVWkLiybCiqx

Score

N/A

Malware Config

Signatures

Files

4437cf01698d4edeb6e9cb9c9850f68b43d929e23f7035136779a749b7af57db
.exe windows x86

22dd4d7d1dbdcfba3ed4af06a443bab4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

VirtualProtect
ReadConsoleW
GetPrivateProfileIntW
GetEnvironmentVariableW
GetProcessHeap
CompareStringW
GetLastError
CreateMailslotW
GetCurrentDirectoryA
GetDiskFreeSpaceW
GetTimeFormatA
GetModuleHandleA
GetStringTypeA
GetVolumeInformationA
GetShortPathNameA
WriteFile
lstrcmpW
lstrcatA
HeapFree

es

LCEControlServer
ServiceMain
NotifyLogoffUser
NotifyLogonUser

Sections

.text
Size: 20KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.adata
Size: 1024B - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.qdata
Size: 804KB - Virtual size: 3.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.cdata
Size: 1024B - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy