96ae91711e8eb0d9ca5fdebc758018421eb529a05af63ff2f37c607270da0cff | Triage

Submit
Reports

Overview

overview

8

Static

static

96ae91711e...ff.exe

windows7-x64

8

96ae91711e...ff.exe

windows10-2004-x64

1

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

96ae91711e8eb0d9ca5fdebc758018421eb529a05af63ff2f37c607270da0cff.exe

Resource

win7-20221111-en

discovery persistence spyware stealer upx

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

96ae91711e8eb0d9ca5fdebc758018421eb529a05af63ff2f37c607270da0cff.exe

Resource

win10v2004-20221111-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

96ae91711e8eb0d9ca5fdebc758018421eb529a05af63ff2f37c607270da0cff
Size

818KB
MD5

5e03dd215498ef0d5d7186b35a6a6443
SHA1

d69b42780b15190d68c57ee94496960c265749a9
SHA256

96ae91711e8eb0d9ca5fdebc758018421eb529a05af63ff2f37c607270da0cff
SHA512

acba0b874e40c555e77a4a9742206dd1fe3e10ac4657bb718d5b1608d3a93f2270081681f483b57475aeb937b7245234b12fdad269958099308547ea8b997642
SSDEEP

12288:sn8n7tF0VBtHnGaYFEDF3ZF+gdiAVlKbhbtPjFQtNC8/L1u9T7vxdYvWxpTqSAxY:snOtF4Gan3/+iBKVthqujDrTqSeY

Score

N/A

Malware Config

Signatures

Files

96ae91711e8eb0d9ca5fdebc758018421eb529a05af63ff2f37c607270da0cff
.exe windows x86

1345642657bc65eebbdf30feb1673ea0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindFirstVolumeA
OpenMutexW
GetSystemTime
WriteFile
lstrcpynA
GetCurrentDirectoryA
GetModuleHandleA
lstrcpynA
lstrcpynA
lstrcmpW
GetCurrentThreadId
ReadConsoleA
GetPrivateProfileIntA
Heap32First
VirtualProtectEx
lstrcatA
lstrcpynA
GetDiskFreeSpaceW
lstrcpynA
GetDriveTypeA
lstrcpynA
GetVolumeInformationA
GetFileType
lstrcpynA
lstrcpynA
VirtualFree
SetThreadPriority
lstrcpynA
lstrcpynA

cmdial32

InetDialHandler
RasCustomDial
RasCustomDialDlg
AutoDialFunc

Sections

.text
Size: 18KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 850B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ddata
Size: 795KB - Virtual size: 3.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bdata
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy