30fbff1e0ca5fc025ceeee0e35ac1499329d248baa3d735b1ec8a5e00c95c505 | Triage

Submit
Reports

Overview

overview

8

Static

static

30fbff1e0c...05.exe

windows7-x64

8

30fbff1e0c...05.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

30fbff1e0ca5fc025ceeee0e35ac1499329d248baa3d735b1ec8a5e00c95c505.exe

Resource

win7-20220901-en

discovery persistence spyware stealer upx

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

30fbff1e0ca5fc025ceeee0e35ac1499329d248baa3d735b1ec8a5e00c95c505.exe

Resource

win10v2004-20221111-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

30fbff1e0ca5fc025ceeee0e35ac1499329d248baa3d735b1ec8a5e00c95c505
Size

801KB
MD5

7f5eb376627ef0857e7d5d4910761a8d
SHA1

bd6d6629dfc0c9955d7807178ce2c4d3cc926640
SHA256

30fbff1e0ca5fc025ceeee0e35ac1499329d248baa3d735b1ec8a5e00c95c505
SHA512

9d577f697533018542df5df7d4effb175b070c22da624a6b04594d3b12a08996426687d6fa29029c464a80848c8d974f82eee0fcea981c28bfa0988dcb08e8c6
SSDEEP

12288:xaAMJ/kvJhlUdG2pd2efkxHfFfzM+qkAlETDrQinDMvDn020Ddz1lgoTgUaR:xLWOJbs/elFhfQinDID0n1lgol

Score

N/A

Malware Config

Signatures

Files

30fbff1e0ca5fc025ceeee0e35ac1499329d248baa3d735b1ec8a5e00c95c505
.exe windows x86

08071a663dfb3150daf928f4f7a1aea4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

CloseHandle
lstrcatA
FormatMessageW
InitializeCriticalSection
HeapSize
SetFileTime
LoadLibraryA
GetExitCodeProcess
LeaveCriticalSection
lstrcpyA
GetStartupInfoW
CreateEventA
GetFileSize
SetFileTime
InterlockedExchange
HeapCreate
ReadFile
IsBadWritePtr
GetLastError
SetFileTime
GetModuleHandleA

mstscax

DllGetClassObject
DllRegisterServer
DllUnregisterServer
DllCanUnloadNow

shell32

ShellMessageBoxW
DragFinish
SHGetSettings
SHGetMalloc
DllUnregisterServer
DuplicateIcon
StrChrA
DragQueryFileA
SHFree
ExtractIconA
ShellAboutA
DragAcceptFiles
SHGetDiskFreeSpaceA

rasapi32

DwRasUninitialize

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rich
Size: 1KB - Virtual size: 176B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ole
Size: 512B - Virtual size: 112B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 787KB - Virtual size: 786KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy