a06679392ffd1b7bd7aa20ca56ef909d87de07778974243f392e64cebfc4e3ff | Triage

Submit
Reports

Overview

overview

8

Static

static

a06679392f...ff.exe

windows7-x64

8

a06679392f...ff.exe

windows10-2004-x64

8

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

a06679392ffd1b7bd7aa20ca56ef909d87de07778974243f392e64cebfc4e3ff.exe

Resource

win7-20220812-en

discovery persistence spyware stealer upx

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

a06679392ffd1b7bd7aa20ca56ef909d87de07778974243f392e64cebfc4e3ff.exe

Resource

win10v2004-20221111-en

discovery persistence spyware stealer upx

windows10-2004-x64

5 signatures

150 seconds

General

Target

a06679392ffd1b7bd7aa20ca56ef909d87de07778974243f392e64cebfc4e3ff
Size

819KB
MD5

9ee3865dc195494a61004d60a5d92de1
SHA1

05e1d66acad02467796a17a6c7277d294f20f547
SHA256

a06679392ffd1b7bd7aa20ca56ef909d87de07778974243f392e64cebfc4e3ff
SHA512

85f9e329b5881f28cabfa4db8bc94109e9400e01240c4b4244b9d8d7a16130d45f21df66b2c002adc9353e9cef6bd0b3afd1bfa17d2defffdddc5d3c0612305a
SSDEEP

24576:C0r4MlnoVZL8Dz2mFUUGXzcCgo5O8uso:x4fMzSUeza6O83o

Score

N/A

Malware Config

Signatures

Files

a06679392ffd1b7bd7aa20ca56ef909d87de07778974243f392e64cebfc4e3ff
.exe windows x86

ac373ede1c37d4034105d939f58096cc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcmpW
SetThreadPriority
lstrcpynA
GetPrivateProfileIntA
GetModuleHandleA
GetFileType
FindFirstVolumeA
GetDriveTypeA
VirtualProtect
lstrcpynA
lstrcpynA
ReadConsoleA
Heap32Next
GetCurrentDirectoryA
lstrcpynA
lstrcpynA
lstrcpynA
OpenMutexW
lstrcpynA
GetCurrentThreadId
VirtualFree
WriteFile
lstrcpynA
GetDiskFreeSpaceW
GetSystemTime
lstrcatA
lstrcpynA
lstrcpynA
GetVolumeInformationA

d3d8

ValidatePixelShader
DebugSetMute
Direct3DCreate8
ValidateVertexShader

Sections

.text
Size: 18KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 854B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ddata
Size: 796KB - Virtual size: 3.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ydata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy