Booking_026xls[.]exe | Triage

Submit
Reports

Overview

overview

Static

static

Booking_026xls.exe

windows7-x64

Booking_026xls.exe

windows10-2004-x64

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

Booking_026xls.exe

Resource

win7-20220812-en

eternity collection spyware stealer

windows7-x64

16 signatures

600 seconds

Behavioral task

behavioral2

Sample

Booking_026xls.exe

Resource

win10v2004-20221111-en

eternity collection spyware stealer

windows10-2004-x64

12 signatures

600 seconds

General

Target

Booking_026xls.exe
Size

762KB
MD5

a585978049b92aae727e1194e57fe33b
SHA1

fe4d4fa0fee1d7659a51bf7bc4cdb9eff1c8a091
SHA256

bcb56d0fe856303e717cc5063013acebff9df5645629472ab2600248a604d0b9
SHA512

de4f9a3c748ba8b82fb4cb2fa5f816317dc68aa632de26304d708037b9a1c65a55c5125b84ce42b5200438103ab3066f50064ba24c9c089c61f59ba0bcae1a18
SSDEEP

12288:rzSgbiZU6XgScm6mTGL0YEW+VxEPW0jNM8WUFJVbqaT5SomZn0ZaHJBq6Tc9Vo:HSPXgVSTGLZEW+VyM8vb95bn8w

Score

N/A

Malware Config

Signatures

Files

Booking_026xls.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 743KB - Virtual size: 742KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy