9037ab8e61bad4bf41d20a72d57259a7c72600f950b841f72eae3ae854969e9c | Triage

Submit
Reports

Overview

overview

8

Static

static

9037ab8e61...9c.exe

windows7-x64

8

9037ab8e61...9c.exe

windows10-2004-x64

8

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

9037ab8e61bad4bf41d20a72d57259a7c72600f950b841f72eae3ae854969e9c.exe

Resource

win7-20221111-en

discovery persistence spyware stealer upx

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

9037ab8e61bad4bf41d20a72d57259a7c72600f950b841f72eae3ae854969e9c.exe

Resource

win10v2004-20221111-en

discovery persistence spyware stealer upx

windows10-2004-x64

5 signatures

150 seconds

General

Target

9037ab8e61bad4bf41d20a72d57259a7c72600f950b841f72eae3ae854969e9c
Size

820KB
MD5

9e67128632cb5fa7dc56d1dfc3a3455f
SHA1

e986988c54bc7f531ceba26e401c479b65c40eae
SHA256

9037ab8e61bad4bf41d20a72d57259a7c72600f950b841f72eae3ae854969e9c
SHA512

eb0b8658f69855d783cd387220c8caa00a08ea3c6b66138f7ae4d1a7111ae2dc814cb306fd374919537e619922c2ddaaec8660dac6150b05344dd0fe114c9460
SSDEEP

12288:HFWiaPkToGrnb4o6rSsf60oZaOzvPAeDxx00iCsZuKWYLReWGFk+0DLDZkXeuIOE:0i3vrbMwPA+xx3iCs8jHNFivDCBIF86

Score

N/A

Malware Config

Signatures

Files

9037ab8e61bad4bf41d20a72d57259a7c72600f950b841f72eae3ae854969e9c
.exe windows x86

6c00472998cb4731ae96356d37250156

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReadConsoleA
lstrcpynA
GetPrivateProfileIntA
GetVolumeInformationA
lstrcpynA
GetCurrentDirectoryA
lstrcpynA
lstrcpynA
lstrcmpW
lstrcpynA
FindFirstVolumeW
lstrcpynA
SetThreadPriority
WriteFile
GetDriveTypeW
lstrcpynA
GetFileType
lstrcpynA
GetModuleHandleA
lstrcpynA
GetDiskFreeSpaceW
GetCurrentThreadId
Heap32Next
GetSystemTime
OpenMutexW
lstrcatA
lstrcpynA
VirtualFree
VirtualProtectEx

d3d8

ValidatePixelShader
Direct3DCreate8
ValidateVertexShader
DebugSetMute

Sections

.text
Size: 18KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.hdata
Size: 796KB - Virtual size: 3.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ydata
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy