d7dd32c720f6c81c92d0861b49bd2636b06be571c479efd1529544f70e1f2d83 | Triage

Submit
Reports

Overview

overview

8

Static

static

d7dd32c720...83.exe

windows7-x64

8

d7dd32c720...83.exe

windows10-2004-x64

8

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

d7dd32c720f6c81c92d0861b49bd2636b06be571c479efd1529544f70e1f2d83.exe

Resource

win7-20220812-en

discovery persistence spyware stealer upx

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

d7dd32c720f6c81c92d0861b49bd2636b06be571c479efd1529544f70e1f2d83.exe

Resource

win10v2004-20221111-en

discovery persistence spyware stealer upx

windows10-2004-x64

5 signatures

150 seconds

General

Target

d7dd32c720f6c81c92d0861b49bd2636b06be571c479efd1529544f70e1f2d83
Size

819KB
MD5

e397c5bab59fa603d03eb0deccd73de4
SHA1

bff407b6fb287368780e69c1915a96680abccde6
SHA256

d7dd32c720f6c81c92d0861b49bd2636b06be571c479efd1529544f70e1f2d83
SHA512

f6b0cada6b53cc3d94488577e7012585da4f519939ac02dc203f9ece3fc0f32d6a1a1d89e29b5aa6d54049a75573aefa008036bc38c051a7cb6515667fdabb1f
SSDEEP

24576:x2T/R5PglYH7nUljXdrO3D5TfjH8LhqlBEnN:4T/RFtH7nkjta3tfH8LCEN

Score

N/A

Malware Config

Signatures

Files

d7dd32c720f6c81c92d0861b49bd2636b06be571c479efd1529544f70e1f2d83
.exe windows x86

93e585112d4237fc6b94da6a8b840924

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualProtect
GetSystemTime
VirtualFree
lstrcpynA
lstrcpynA
lstrcpynA
GetVolumeInformationA
lstrcpynA
GetDiskFreeSpaceW
lstrcpynA
lstrcpynA
GetModuleHandleA
SetThreadPriority
Heap32Next
lstrcatA
GetCurrentDirectoryA
ReadConsoleA
lstrcpynA
lstrcpynA
GetCurrentThreadId
FindFirstVolumeA
GetDriveTypeA
WriteFile
lstrcmpW
OpenMutexW
lstrcpynA
GetPrivateProfileIntA
GetFileType
lstrcpynA

d3d8

DebugSetMute
ValidateVertexShader
Direct3DCreate8
ValidatePixelShader

Sections

.text
Size: 18KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 854B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ddata
Size: 796KB - Virtual size: 3.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ydata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy