6bc080d1affd3d579e2e393a37ba788fa102b0db82dbd9f19f27e3aea6d5bfe9 | Triage

Submit
Reports

Overview

overview

8

Static

static

6bc080d1af...e9.exe

windows7-x64

8

6bc080d1af...e9.exe

windows10-2004-x64

8

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

6bc080d1affd3d579e2e393a37ba788fa102b0db82dbd9f19f27e3aea6d5bfe9.exe

Resource

win7-20221111-en

discovery persistence spyware stealer upx

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

6bc080d1affd3d579e2e393a37ba788fa102b0db82dbd9f19f27e3aea6d5bfe9.exe

Resource

win10v2004-20220812-en

discovery persistence upx

windows10-2004-x64

5 signatures

150 seconds

General

Target

6bc080d1affd3d579e2e393a37ba788fa102b0db82dbd9f19f27e3aea6d5bfe9
Size

816KB
MD5

065f3596136cd20effb59f4bda04829e
SHA1

a9a7c84e860d3921095c31a5d294631cb9fc7e0f
SHA256

6bc080d1affd3d579e2e393a37ba788fa102b0db82dbd9f19f27e3aea6d5bfe9
SHA512

47018f41291806ad273d8bcbc6a38cf490c032be9318cb83389b4c9a897544a898ffd41f5e2ad32cfc236b29332ee0e007240a03a760889397b16b354405ab63
SSDEEP

24576:YOZi4TR9MVD04vv8cnLVG4NpHGk+wjxj//:YeFTYFEcnJG0s9w

Score

N/A

Malware Config

Signatures

Files

6bc080d1affd3d579e2e393a37ba788fa102b0db82dbd9f19f27e3aea6d5bfe9
.exe windows x86

2d514992d86c596495eb8af0161d874f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

lstrlenA
lstrlenA
lstrlenA
lstrlenA
GetCommandLineA
TlsGetValue
lstrcatA
GetPrivateProfileIntA
SetCurrentDirectoryW
GetDiskFreeSpaceA
GetCurrentThreadId
OpenMutexA
DeleteFileW
SetThreadPriority
FormatMessageW
lstrlenA
lstrlenA
GetModuleHandleA
lstrlenA
CreateDirectoryA
lstrlenA
lstrcmpA
lstrlenA
VirtualProtect
GetFileSize
WriteConsoleW
lstrlenA
VirtualFree
SetLocaleInfoW

cdosys

DllRegisterServer
DllUnregisterServer
DllCanUnloadNow
DllGetClassObject

Sections

.TEXT
Size: 17KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.ndata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_WRITE

.adata
Size: 795KB - Virtual size: 3.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.jdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2024

Terms | Privacy