5a1f85170b60cf4309001b1cf3ebb6789785e51073e8a5c21b2bcfa58b258142 | Triage

Submit
Reports

Overview

overview

8

Static

static

5a1f85170b...42.exe

windows7-x64

8

5a1f85170b...42.exe

windows10-2004-x64

8

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

5a1f85170b60cf4309001b1cf3ebb6789785e51073e8a5c21b2bcfa58b258142.exe

Resource

win7-20220812-en

discovery persistence spyware stealer upx

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

5a1f85170b60cf4309001b1cf3ebb6789785e51073e8a5c21b2bcfa58b258142.exe

Resource

win10v2004-20221111-en

discovery persistence spyware stealer upx

windows10-2004-x64

5 signatures

150 seconds

General

Target

5a1f85170b60cf4309001b1cf3ebb6789785e51073e8a5c21b2bcfa58b258142
Size

818KB
MD5

ee53aebccbb766f12de4907951152921
SHA1

9cd7f7ad7bf28680db84eac6f6d829dd30f997e6
SHA256

5a1f85170b60cf4309001b1cf3ebb6789785e51073e8a5c21b2bcfa58b258142
SHA512

828ed6645be03c337587af1883d78f35e3ad7cb23af546ad7a8af62b336abf0b76c05cc33f780f32b121bc1ac1625c5494fb41b2abbc1227f13a26f974d070d3
SSDEEP

12288:pCq9PMFMMOZyyY3gH27L1aXbYwt2MJFu/EUgXyWJYJKw7S3L0V4/ok7Srp5zp:pC+PMz4Ul074VPKIKw+W4tWl5zp

Score

N/A

Malware Config

Signatures

Files

5a1f85170b60cf4309001b1cf3ebb6789785e51073e8a5c21b2bcfa58b258142
.exe windows x86

1a94e059b3527d91eeec7cca5dffbe92

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TlsGetValue
GetPrivateProfileIntA
lstrcatA
SetCurrentDirectoryW
GetCommandLineA
GetModuleHandleA
GetModuleFileNameW
SetThreadPriority
DeleteFileW
WriteConsoleW
FormatMessageA
GetFullPathNameW
ReleaseMutex
GetCurrentThreadId
VirtualQuery
VirtualProtect
TlsSetValue
lstrlenW
SetLocaleInfoA

azroles

AzApplicationDelete
AzAddPropertyItem
AzApplicationCreate
AzApplicationClose

Sections

.text
Size: 15KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 7KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_WRITE

.data
Size: 797KB - Virtual size: 3.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy