cb2b32daa6d9036a52e2eadff6c23950763cc9ff52b410fdc7946c9b9383017f | Triage

Submit
Reports

Overview

overview

8

Static

static

cb2b32daa6...7f.exe

windows7-x64

8

cb2b32daa6...7f.exe

windows10-2004-x64

3

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

cb2b32daa6d9036a52e2eadff6c23950763cc9ff52b410fdc7946c9b9383017f.exe

Resource

win7-20220901-en

discovery persistence spyware stealer upx

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

cb2b32daa6d9036a52e2eadff6c23950763cc9ff52b410fdc7946c9b9383017f.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

cb2b32daa6d9036a52e2eadff6c23950763cc9ff52b410fdc7946c9b9383017f
Size

803KB
MD5

60e812c9dbad3a870e4105bccefe50b0
SHA1

bbd747878a04f052b18642428827193e482b4cc3
SHA256

cb2b32daa6d9036a52e2eadff6c23950763cc9ff52b410fdc7946c9b9383017f
SHA512

c13a88439a235947a70d4a2e040aec41ad8465b7664c10cd50d24aa02b65a63709d2e615fa439a2b8259b9a6b72696076e21b623578ee1f06a37a72f8b0d25ce
SSDEEP

12288:4E9CNpoa1TsqvtmGja08mmm76zdQYTMS5YiAYvvAoHb6rZoiwKgxQYxiX3EXStqU:D9CJTTvtmGjCmj76JQYTMSByiR+3Eit

Score

N/A

Malware Config

Signatures

Files

cb2b32daa6d9036a52e2eadff6c23950763cc9ff52b410fdc7946c9b9383017f
.exe windows x86

63b8932b211ea251a0fc0d1911e3104c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

CreateEventW
GetCurrentProcess
OpenMutexA
DeviceIoControl
VirtualProtectEx
GetStdHandle
GetFileAttributesA
GetCurrentThread
DeviceIoControl
HeapDestroy
FindVolumeClose
HeapFree
CloseHandle
LoadLibraryA
LocalLock
GetPrivateProfileSectionA
lstrlenA
GetStringTypeA
GetDriveTypeA
DeleteFileA
GetPrivateProfileIntW

uxtheme

IsThemeActive
GetThemeTextMetrics
GetThemeTextExtent
SetWindowTheme
OpenThemeData
DrawThemeBackground
GetThemeSysSize
GetThemeColor
GetThemeBool
CloseThemeData
DrawThemeEdge
CloseThemeData
GetWindowTheme

odbccp32

SQLGetAvailableDrivers
SQLInstallDriver
SQLInstallODBC
SQLConfigDataSource

msasn1

ASN1BERDecBool

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1.4MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 794KB - Virtual size: 794KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.orpc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy