cca813e15e103dd1e296f64d772b14ab8e35a82446ae02edb38bb7c4e0127bca | Triage

Submit
Reports

Overview

overview

8

Static

static

cca813e15e...ca.exe

windows7-x64

8

cca813e15e...ca.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

cca813e15e103dd1e296f64d772b14ab8e35a82446ae02edb38bb7c4e0127bca.exe

Resource

win7-20220901-en

discovery persistence spyware stealer upx

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

cca813e15e103dd1e296f64d772b14ab8e35a82446ae02edb38bb7c4e0127bca.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

cca813e15e103dd1e296f64d772b14ab8e35a82446ae02edb38bb7c4e0127bca
Size

798KB
MD5

818366685e56340746012c4043e51b90
SHA1

674ca90e58429cc935723f35798ca63a801eec0f
SHA256

cca813e15e103dd1e296f64d772b14ab8e35a82446ae02edb38bb7c4e0127bca
SHA512

cdb90dcb6f2cd5f960c3e30497e9c643d7004912f32b1abf6e7fafca88e98f56f6844ad87ffd5d2f76165e452312d4783d3085e24ca9a7bb29a2aca902f58db7
SSDEEP

12288:w222Z2x9cBXSpQCidUfHXZ/dFYkqH8IpgOMnQSMN0q3MbFg5B4s102lHTyptdfZ:w22nPcBXKBidUfHKbH8TQfNKCTRO

Score

N/A

Malware Config

Signatures

Files

cca813e15e103dd1e296f64d772b14ab8e35a82446ae02edb38bb7c4e0127bca
.exe windows x86

4237c7f51c2433f388d2ff21168350cc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetLocaleInfoW
CreateEventA
GetVersionExA
GlobalLock
GetStringTypeA
DeviceIoControl
SetLastError
FindClose
GetFileAttributesW
GetCurrentThread
VirtualProtectEx
GetModuleHandleA
GetPrivateProfileSectionA
CreateDirectoryW
SetCommBreak
HeapFree
GetCurrentProcess
RemoveDirectoryW
LocalFlags
GetFileAttributesW
TlsGetValue

user32

PeekMessageW
SetCursorPos
SetCursor
wsprintfW
LoadCursorA
GetWindowTextW
DefDlgProcA
PostMessageW
GetWindowLongW
IsWindow
IsDialogMessageA
DispatchMessageA
SetFocus

msorcl32

SQLConnect
SQLCancel
SQLDisconnect
SQLError

ntshrui

IsPathSharedA

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 699KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 789KB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.import
Size: 512B - Virtual size: 384B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy