c19ecfe4fedf56f54941d605a6330b351fc0af6c5ebca0d2b51388d4dbcb1469 | Triage

Submit
Reports

Overview

overview

8

Static

static

c19ecfe4fe...69.exe

windows7-x64

8

c19ecfe4fe...69.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

c19ecfe4fedf56f54941d605a6330b351fc0af6c5ebca0d2b51388d4dbcb1469.exe

Resource

win7-20220812-en

spyware stealer upx

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

c19ecfe4fedf56f54941d605a6330b351fc0af6c5ebca0d2b51388d4dbcb1469.exe

Resource

win10v2004-20220812-en

spyware stealer upx

windows10-2004-x64

5 signatures

150 seconds

General

Target

c19ecfe4fedf56f54941d605a6330b351fc0af6c5ebca0d2b51388d4dbcb1469
Size

99KB
MD5

d4fda10524159cd8240c380444424fbf
SHA1

96c0331f9316c4fc31966009f85e24b9be56e245
SHA256

c19ecfe4fedf56f54941d605a6330b351fc0af6c5ebca0d2b51388d4dbcb1469
SHA512

b98b324a394b62390bbcf307732069894089d72cc066e78f6ac88b481842e1514a487baac66d7daee1290a739e95202167d9a8b68d529a439ee33b71b6da0bd6
SSDEEP

3072:OPxxOoDTWuTsUItULcS33YE4TSqnCzmC:igoDTWuBqoYTSqg

Score

N/A

Malware Config

Signatures

Files

c19ecfe4fedf56f54941d605a6330b351fc0af6c5ebca0d2b51388d4dbcb1469
.exe windows x86

c55793cd604112c3ea7cf607ec551cc1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

CallWindowProcA

msvbvm60

ord598
ord631
DllFunctionCall
__vbaExceptHandler
ord608
ProcCallEngine
ord537
ord644
ord100

kernel32

GetProcAddress
CreateProcessW
RtlMoveMemory
LoadLibraryA
VirtualAllocEx

Sections

.text
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 848B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 87KB - Virtual size: 87KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.oFY
Size: 512B - Virtual size: 4KB

© 2018-2025

Terms | Privacy