d6e852cbeae91ff4f9d6ef4247b5d15b5ea2d83b78f3f25177a2513064912a16 | Triage

Submit
Reports

Overview

overview

8

Static

static

d6e852cbea...16.exe

windows7-x64

8

d6e852cbea...16.exe

windows10-2004-x64

8

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

d6e852cbeae91ff4f9d6ef4247b5d15b5ea2d83b78f3f25177a2513064912a16.exe

Resource

win7-20220901-en

discovery persistence spyware stealer upx

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

d6e852cbeae91ff4f9d6ef4247b5d15b5ea2d83b78f3f25177a2513064912a16.exe

Resource

win10v2004-20221111-en

windows10-2004-x64

3 signatures

150 seconds

General

Target

d6e852cbeae91ff4f9d6ef4247b5d15b5ea2d83b78f3f25177a2513064912a16
Size

816KB
MD5

1d3f3dd9eb1d44b3dd8ddf2bebcb6489
SHA1

b45bf31ff9fbdcd297114a7137b02059dc61d16f
SHA256

d6e852cbeae91ff4f9d6ef4247b5d15b5ea2d83b78f3f25177a2513064912a16
SHA512

ef25cee0d75af38f03b98c46ef7908359f8490a14048061e687da1998eb42b645599759a9c9e993690440b9fda4a9c46293b2bf6a47253c98db372e5782c30f9
SSDEEP

12288:ID7bDC+f22UVeoQnJDMtsP0Ie6BXwg9oEDpMjZ+GxOQMt+Lf7:IDHDfaknisVeSgg9oMMZ+GgJ+Lf7

Score

N/A

Malware Config

Signatures

Files

d6e852cbeae91ff4f9d6ef4247b5d15b5ea2d83b78f3f25177a2513064912a16
.exe windows x86

e9f56a8135836f08938ad7bc8215e768

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Beep
SetThreadPriority
GetFullPathNameW
TlsGetValue
GetModuleHandleA
SetLocaleInfoA
Beep
Beep
FormatMessageA
DeleteFileW
GetCommandLineA
ReleaseMutex
Beep
Beep
TlsSetValue
Beep
WriteConsoleW
GetModuleFileNameW
GetPrivateProfileIntA
lstrlenW
Beep
Beep
VirtualQuery
Beep
SetCurrentDirectoryW
lstrcatA
Beep
GetCurrentThreadId
VirtualProtect

catsrvut

RegDBBackup
RegDBRestore
StartMTSTOCOM
CGMIsAdministrator

Sections

.TEXT
Size: 15KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.ndata
Size: 1024B - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_WRITE

.vdata
Size: 797KB - Virtual size: 3.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.jdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy