7194af442b5eb145190af08f710400c91fb3b7ce81a612635160e843167b7980 | Triage

Submit
Reports

Overview

overview

8

Static

static

7194af442b...80.exe

windows7-x64

8

7194af442b...80.exe

windows10-2004-x64

3

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

7194af442b5eb145190af08f710400c91fb3b7ce81a612635160e843167b7980.exe

Resource

win7-20220812-en

discovery persistence spyware stealer upx

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

7194af442b5eb145190af08f710400c91fb3b7ce81a612635160e843167b7980.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

7194af442b5eb145190af08f710400c91fb3b7ce81a612635160e843167b7980
Size

810KB
MD5

ae9ad6f6d171d872812c88e0d07193bb
SHA1

768a781657bacbae01013bfd41a3fc2544897767
SHA256

7194af442b5eb145190af08f710400c91fb3b7ce81a612635160e843167b7980
SHA512

77e139753cbfe2db593c95d009e62c35c75543677e5fc89707f63e9f984122cb4b134bb969dbb0cfd2bcbaf9506d25988d479d7dbd3754889ade99592e1d7cdb
SSDEEP

24576:x4Ks3du8h3DmQF66sW76pdsINsT53atTUKyXsxMsu1:xDS3FfsW74mINs16TUp8

Score

N/A

Malware Config

Signatures

Files

7194af442b5eb145190af08f710400c91fb3b7ce81a612635160e843167b7980
.exe windows x86

bae15ab0b7fcb07e2b1ca4a25e94f0a8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetLastError
LoadLibraryA
HeapSize
lstrcpyW
GetModuleHandleA
GetFileSize
lstrcatA
LeaveCriticalSection
SetFileTime
SetFileTime
SetFileTime
IsBadWritePtr
GetStringTypeA
CloseHandle
GetStartupInfoW
SetConsoleTitleA
GetExitCodeProcess
CreateEventA
HeapCreate
InterlockedExchange
ReadFile

mstscax

DllUnregisterServer
DllGetClassObject
DllRegisterServer
DllCanUnloadNow

shell32

SHGetMalloc
DragAcceptFiles
SHGetSettings
SHGetDiskFreeSpaceA
ShellAboutA
DuplicateIcon
DllUnregisterServer
SHFree
DragQueryFileA
StrChrA
ExtractIconA
DragFinish
ShellMessageBoxW

rasapi32

DwRasUninitialize

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 288B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rich
Size: 1KB - Virtual size: 176B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ole
Size: 512B - Virtual size: 101B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 798KB - Virtual size: 798KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy