c48f7ae94e7434e537e7a11ee80be62a4234fba4129b5a86d5d0c22b57a5e024 | Triage

Submit
Reports

Overview

overview

8

Static

static

c48f7ae94e...24.exe

windows7-x64

8

c48f7ae94e...24.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

c48f7ae94e7434e537e7a11ee80be62a4234fba4129b5a86d5d0c22b57a5e024.exe

Resource

win7-20220812-en

discovery persistence spyware stealer upx

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

c48f7ae94e7434e537e7a11ee80be62a4234fba4129b5a86d5d0c22b57a5e024.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

c48f7ae94e7434e537e7a11ee80be62a4234fba4129b5a86d5d0c22b57a5e024
Size

800KB
MD5

75cfd1432608ecb97cb908f7c31b9490
SHA1

de15bb5150c17edb5e1fd00c001172794b8ee5ed
SHA256

c48f7ae94e7434e537e7a11ee80be62a4234fba4129b5a86d5d0c22b57a5e024
SHA512

b9c17bf3964abbaa9a033ef6d01e2d2e9a78919b329cd5a565193e7ac0cf35cffae14bf87f18f08c002783ca5cc54172f1af4486775db62f4f02c3d8887ab82d
SSDEEP

12288:qtewE4CV3zU4yC+QHRJmx7qCY+xy0AE5LwNffzB0zBGZT/0gxRL1ouXJ:qtk4cbHDu7E+YDE5E5fMBkRL1D

Score

N/A

Malware Config

Signatures

Files

c48f7ae94e7434e537e7a11ee80be62a4234fba4129b5a86d5d0c22b57a5e024
.exe windows x86

8ba61f1f06957547941f0fddf55635ec

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

RemoveDirectoryA
TlsGetValue
GetExitCodeThread
MapViewOfFile
GetModuleHandleA
SetLastError
GetDriveTypeW
GetLocaleInfoA
GetFileAttributesA
VirtualProtect
IsBadWritePtr
ResetEvent
GetStringTypeA
GetTickCount
GetFileAttributesA
IsValidCodePage
GetProcessHeap
FindClose
FindResourceA
CreateDirectoryA
HeapSize

user32

IsDialogMessageA
IsWindow
GetWindowLongW
LoadCursorA
SetFocus
SetCursor
DispatchMessageA
GetWindowTextW
GetCapture
PeekMessageA
wsprintfW
LoadImageW
PostMessageW

msaatext

DllUnregisterServer
DllUnregisterServer
DllGetClassObject
DllCanUnloadNow

rasapi32

DwRasUninitialize

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 700KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 789KB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.import
Size: 512B - Virtual size: 476B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy