d161ce6338ce9caeeb5ec59cab80d064[.]bin | Triage

Submit
Reports

Overview

overview

Static

static

1

4a438193a4...4a.exe

windows7-x64

4a438193a4...4a.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

4a438193a415f2c4eca1161b7ac94ed6531288971dbb2c202704f7b8a72cda4a.exe

Resource

win7-20230220-en

privateloader loader

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

4a438193a415f2c4eca1161b7ac94ed6531288971dbb2c202704f7b8a72cda4a.exe

Resource

win10v2004-20230220-en

privateloader discovery loader spyware stealer

windows10-2004-x64

8 signatures

150 seconds

General

Target

d161ce6338ce9caeeb5ec59cab80d064.bin
Size

6.1MB
MD5

6da2dcbb092b4c8496fefddd177cfc18
SHA1

6a29332cbf4aea20e8b17f314db5c91eecedc9ba
SHA256

40765e92a70ca01f780a80c2477089cf7971a26d2eba4a0f8d5b38f76ee6e225
SHA512

746388816d5cf47bb7b95e639c76c1efbab39d9ef7d20a9a762baa34b3cfbc17e56ffdef97d231081555360852167611039ac44d421580ac5780af5c17ff0ac0
SSDEEP

196608:TkDeCqf+TOaIyuU+JR5gfA/Zs9Mm0OLRl:TkDeCqf+6aInNges9rr1l

Score

1^/10

Malware Config

Signatures

Files

d161ce6338ce9caeeb5ec59cab80d064.bin
.zip

Password: infected
4a438193a415f2c4eca1161b7ac94ed6531288971dbb2c202704f7b8a72cda4a.exe
.exe windows x86

Password: infected

348773d00220e600aabe04ecb8803881

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

user32

GetDC

gdi32

BitBlt

advapi32

CredFree

shell32

ShellExecuteA

crypt32

CryptUnprotectData

gdiplus

GdipFree

setupapi

SetupDiGetClassDevsA

wtsapi32

WTSSendMessageW

Sections

.MPRESS1
Size: 5.9MB - Virtual size: 12.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 234KB - Virtual size: 234KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy