903c02e0a7e92250d57c51e1bb08cfeabe473d867fd420d8f72abfd14706c0cb | Triage

Submit
Reports

Overview

overview

8

Static

static

903c02e0a7...cb.exe

windows7-x64

8

903c02e0a7...cb.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

903c02e0a7e92250d57c51e1bb08cfeabe473d867fd420d8f72abfd14706c0cb.exe

Resource

win7-20221111-en

discovery evasion persistence spyware stealer trojan

windows7-x64

16 signatures

150 seconds

Behavioral task

behavioral2

Sample

903c02e0a7e92250d57c51e1bb08cfeabe473d867fd420d8f72abfd14706c0cb.exe

Resource

win10v2004-20220901-en

discovery evasion persistence spyware stealer trojan

windows10-2004-x64

14 signatures

150 seconds

General

Target

903c02e0a7e92250d57c51e1bb08cfeabe473d867fd420d8f72abfd14706c0cb
Size

224KB
MD5

0a130a462a6fcd010e6099036eb22219
SHA1

513118916e7be414e9d3b95d75bcd6e1ed91b650
SHA256

903c02e0a7e92250d57c51e1bb08cfeabe473d867fd420d8f72abfd14706c0cb
SHA512

c71053c53645af8cf2f7a812b80a4f7b46f87754cedffb7b951afb593980115877563c15f095592022da3cf843def01c391675f6375ea426412601009b49890f
SSDEEP

6144:KHhlVchyimGI8iJqt4wkoIlXYR4iC9yfRAve3g:KHh7yyiIaVkNlXYGncScg

Score

N/A

Malware Config

Signatures

Files

903c02e0a7e92250d57c51e1bb08cfeabe473d867fd420d8f72abfd14706c0cb
.exe windows x86

bb4d6232fdaf06140c7d22df62be62c8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LockResource
GetCurrentProcessId
IsValidCodePage
LoadLibraryA
GetCurrentProcess
VirtualProtect
SetLastError
TlsSetValue
GetModuleHandleA
ExitProcess
DisableThreadLibraryCalls
RaiseException
HeapAlloc
GetACP
GetStartupInfoA
GetEnvironmentStrings
SetConsoleCP
GetSystemTimeAsFileTime
RemoveDirectoryA
HeapFree
GetTickCount
lstrcpyA
GetOEMCP
MapViewOfFile
SetStdHandle
GetCommandLineA
OutputDebugStringA
lstrcmpiW

msvcrt

_XcptFilter
wcschr
_callnewh

gdi32

GetObjectA

user32

GetActiveWindow
GetKeyState

advapi32

RegDeleteValueW

rpcrt4

RpcStringFreeW

Sections

.text
Size: 38KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 181KB - Virtual size: 396KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy