2ef2369dd0b71ed85c74d8e44a4327ec7c98e4ecef3f9b79516ebcae0473ed43 | Triage

Submit
Reports

Overview

overview

8

Static

static

2ef2369dd0...43.exe

windows7-x64

8

2ef2369dd0...43.exe

windows10-2004-x64

8

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

2ef2369dd0b71ed85c74d8e44a4327ec7c98e4ecef3f9b79516ebcae0473ed43.exe

Resource

win7-20220901-en

discovery persistence spyware stealer upx

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

2ef2369dd0b71ed85c74d8e44a4327ec7c98e4ecef3f9b79516ebcae0473ed43.exe

Resource

win10v2004-20220901-en

discovery persistence upx

windows10-2004-x64

5 signatures

150 seconds

General

Target

2ef2369dd0b71ed85c74d8e44a4327ec7c98e4ecef3f9b79516ebcae0473ed43
Size

816KB
MD5

728ab2985b49a4f88d1e0a6d6ad8aec0
SHA1

26c045264fa8cf4f82966066023050499d739059
SHA256

2ef2369dd0b71ed85c74d8e44a4327ec7c98e4ecef3f9b79516ebcae0473ed43
SHA512

06c531a5c64fd05cacea70a082d2c299cc06fa57e1e425dc617a756ea92e76393fe06c22bd30ede12b3b984775e22aba25470d5fc010a60eaae70577dfc6d22e
SSDEEP

12288:qlFLqW/kNr4t6sFI9MzaGhEL6ogv3ngLT42n1JBJ0sgc1IRk/CGyXIvSwbqm5:42jr4UsCyqLvgvgf42bvxvsbHwOm5

Score

N/A

Malware Config

Signatures

Files

2ef2369dd0b71ed85c74d8e44a4327ec7c98e4ecef3f9b79516ebcae0473ed43
.exe windows x86

1fcc606b5b8c405d7f50a847520ca090

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

lstrlenA
VirtualFree
lstrcmpA
lstrlenA
WriteConsoleW
lstrlenA
DeleteFileW
lstrlenA
OpenMutexA
CreateDirectoryA
lstrlenA
GetModuleHandleA
lstrlenA
GetDiskFreeSpaceA
GetFileSize
SetCurrentDirectoryW
VirtualProtect
lstrlenA
lstrlenA
lstrlenA
TlsGetValue
GetCurrentThreadId
lstrlenA
FormatMessageW
SetThreadPriority
GetCommandLineA
lstrcatA
GetPrivateProfileIntA
SetLocaleInfoW

cdosys

DllCanUnloadNow
DllRegisterServer
DllUnregisterServer
DllGetClassObject

Sections

.TEXT
Size: 17KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.ndata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_WRITE

.adata
Size: 795KB - Virtual size: 3.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.jdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2024

Terms | Privacy