GalaxyBypassByKami[.]exe | Triage

Submit
Reports

Overview

overview

Static

static

1

GalaxyBypa...mi.exe

windows7-x64

8

GalaxyBypa...mi.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

GalaxyBypassByKami.exe

Resource

win7-20231215-en

discovery persistence spyware stealer

windows7-x64

23 signatures

600 seconds

Behavioral task

behavioral2

Sample

GalaxyBypassByKami.exe

Resource

win10v2004-20231222-en

discovery evasion persistence pyinstaller ransomware spyware stealer trojan upx

windows10-2004-x64

35 signatures

600 seconds

General

Target

GalaxyBypassByKami.exe
Size

1.9MB
MD5

4bed40186d297a610ef50dec768966f3
SHA1

8d7bd22d71b9984ccc0b11c70adf6055f5a11ee7
SHA256

3eed132fec308525d012a54b71d81d5f7f863c2ba863ede2dd412fccd7721cdd
SHA512

ab58ec739b54a6c87849098f24d81e580c25fe21338007245f1300c98f73880834df998ebc569065ee4be1ebbbd5a2fb654eca01d0f81aa5861effd752caa6b5
SSDEEP

24576:40A/5EDFOkiqjhZRXQrWs0fraMqbSdkqzm8K69DDU97K7ZDBjcG:4X/5EhRpjhb59uBGHKv7KlDBN

Score

1^/10

Malware Config

Signatures

Files

GalaxyBypassByKami.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Code Sign

6e:a9:ce:f6:6b:b0:b4:a4:47:35:a1:6d:e2:fb:4b:03
Certificate

Issuer

CN=Kami

Not Before

12/10/2023, 16:11

Not After

31/12/2039, 23:59

Subject

CN=Kami

08:e6:90:b7:4d:22:aa:cf:58:54:1b:0c:1d:f7:fc:c4:4b:ea:2f:4b:cc:f8:d0:5f:eb:af:f3:f6:8c:12:7c:f4
Signer

Actual PE Digest

08:e6:90:b7:4d:22:aa:cf:58:54:1b:0c:1d:f7:fc:c4:4b:ea:2f:4b:cc:f8:d0:5f:eb:af:f3:f6:8c:12:7c:f4

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\soanm\Downloads\galxy swapper key\GalaxyBypassByKami\GalaxyBypassByKami\obj\Debug\GalaxyBypassByKami.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 269KB - Virtual size: 269KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy