a3cb8c6ccbff97a66d1c333b62a6b872467b01f54c58e16762be688223dc6649 | Triage

Submit
Reports

Overview

overview

8

Static

static

a3cb8c6ccb...49.exe

windows7-x64

8

a3cb8c6ccb...49.exe

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

a3cb8c6ccbff97a66d1c333b62a6b872467b01f54c58e16762be688223dc6649.exe

Resource

win7-20220901-en

discovery persistence spyware stealer upx

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

a3cb8c6ccbff97a66d1c333b62a6b872467b01f54c58e16762be688223dc6649.exe

Resource

win10v2004-20220901-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

a3cb8c6ccbff97a66d1c333b62a6b872467b01f54c58e16762be688223dc6649
Size

800KB
MD5

965e28a0db934ccba4d3d5e50c3b7490
SHA1

3b617ee4b2bf8e9cdde663436a3cdf6142798428
SHA256

a3cb8c6ccbff97a66d1c333b62a6b872467b01f54c58e16762be688223dc6649
SHA512

e688db098e7a7b6acb24c05ec5cf8db8585e8c58c2a1422bf688571a15edb3fc8b13ce7935fc83f961509a5c7574ff969096267773193034008342d1a1cfbffb
SSDEEP

12288:2+1ZSU/l9YRRT6PqlcGm6G1agX5YzY2eTDyWbchPzx9udyPxvPvTeqkVzB1H:h9/sT6y9m6GUychPGdyBTeXB1H

Score

N/A

Malware Config

Signatures

Files

a3cb8c6ccbff97a66d1c333b62a6b872467b01f54c58e16762be688223dc6649
.exe windows x86

e5a56db4c4393050e8ed785b337846df

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

lstrlenA
DeviceIoControl
GetStringTypeW
VirtualProtectEx
SetLastError
GetDriveTypeA
GetCurrentThread
HeapFree
GetFileAttributesW
DeleteFileA
HeapDestroy
CreateEventW
ResumeThread
GetPrivateProfileIntW
TlsGetValue
GetPrivateProfileSectionA
GetProcessHeap
CreateMutexW
ClearCommBreak
DeviceIoControl
LoadLibraryW

clbcatq

ComPlusMigrate
DllGetClassObject
DllGetClassObject
SetSetupSave
ComPlusMigrate
CheckMemoryGates
SetSetupSave
ComPlusMigrate
SetupOpen
SetupOpen
SetupOpen
CheckMemoryGates
CheckMemoryGates

pdh

PdhGetLogFileSize
PdhAddCounterA
PdhGetLogFileTypeA
PdhCloseLog

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 1.4MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 794KB - Virtual size: 794KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.orpc
Size: 512B - Virtual size: 288B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy