50938be136527970c4fa9df18842ad76[.]exe | Triage

Submit
Reports

Overview

overview

7

Static

static

1

50938be136...76.exe

windows7-x64

7

50938be136...76.exe

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

50938be136527970c4fa9df18842ad76.exe

Resource

win7-20230220-en

discovery spyware stealer

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral2

Sample

50938be136527970c4fa9df18842ad76.exe

Resource

win10v2004-20230220-en

discovery spyware stealer

windows10-2004-x64

3 signatures

150 seconds

General

Target

50938be136527970c4fa9df18842ad76.exe
Size

3.3MB
MD5

50938be136527970c4fa9df18842ad76
SHA1

63ec9a2c612b57e082d27421b88d30e673e873f2
SHA256

199de8b727ceae96afb7c7560092c1d7a4dbe5a005c07ae20cffd9871da52b82
SHA512

c2655b9e643a7d854984527d8b4260632bea369b5baf68e6718c5d638751abe249f4cc620b2ae03c6ed53705ac764f74aa36d3b950aa04e45184409b92bd275d
SSDEEP

98304:dcR7APDOTa07J1qEGj05rAfBuHLbhTXmdYx/t3WP:waDSjkCrAfBuHLbpmdY9t3

Score

1^/10

Malware Config

Signatures

Files

50938be136527970c4fa9df18842ad76.exe
.exe windows x86

54f97145ccdcbc2e31f50113957801d6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

advapi32

GetUserNameW

user32

EnumDisplayDevicesA

gdi32

BitBlt

Sections

.MPRESS1
Size: 3.2MB - Virtual size: 5.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 128KB - Virtual size: 127KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy