66896096be08ec12b76b8c16db90bc5810e607cb5a9e426632e70a0dd4d2c536 | Triage

Submit
Reports

Overview

overview

8

Static

static

66896096be...36.exe

windows7-x64

8

66896096be...36.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

66896096be08ec12b76b8c16db90bc5810e607cb5a9e426632e70a0dd4d2c536.exe

Resource

win7-20221111-en

discovery persistence spyware stealer upx

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

66896096be08ec12b76b8c16db90bc5810e607cb5a9e426632e70a0dd4d2c536.exe

Resource

win10v2004-20220901-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

66896096be08ec12b76b8c16db90bc5810e607cb5a9e426632e70a0dd4d2c536
Size

801KB
MD5

58492aa4597a73b6b7594e15543f8eb8
SHA1

1cb9dd4b9e7befaca593ae9d3011077348535f28
SHA256

66896096be08ec12b76b8c16db90bc5810e607cb5a9e426632e70a0dd4d2c536
SHA512

bf9c5efd33fcac55b11598a4939acad2ca78005f52fc29b0c19e076df8d795d0bcc2444deb11306d2bd249c591a034220d89dc16995fdd738a1aec2578466d11
SSDEEP

24576:zjMZ20ioQnf/mM71opSzOYXJ6MgYrxDf+:zAZFMeM7qSzHXJF9r+

Score

N/A

Malware Config

Signatures

Files

66896096be08ec12b76b8c16db90bc5810e607cb5a9e426632e70a0dd4d2c536
.exe windows x86

0b6084c883363d9d7f8b8a839395b661

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

IsBadWritePtr
InitializeCriticalSection
GetExitCodeProcess
GetLastError
HeapSize
CreateEventA
InterlockedExchange
CloseHandle
FormatMessageW
GetModuleHandleA
SetFileTime
GetStartupInfoW
HeapCreate
lstrcatA
LoadLibraryA
lstrcpyA
LeaveCriticalSection
GetFileSize
ReadFile
SetFileTime
SetFileTime

mstscax

DllGetClassObject
DllUnregisterServer
DllCanUnloadNow
DllRegisterServer

shell32

DragAcceptFiles
DllUnregisterServer
SHGetMalloc
ShellMessageBoxW
SHGetDiskFreeSpaceA
DragQueryFileA
ExtractIconA
StrChrA
SHGetSettings
DuplicateIcon
ShellAboutA
SHFree
DragFinish

rasapi32

DwRasUninitialize

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rich
Size: 1KB - Virtual size: 176B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ole
Size: 512B - Virtual size: 112B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 787KB - Virtual size: 786KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy