3cab86dad09edae200d802bee14b6344274d6b2d896a9f3e4dc43b24b1c94994 | Triage

Submit
Reports

Overview

overview

8

Static

static

3cab86dad0...94.exe

windows7-x64

8

3cab86dad0...94.exe

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

3cab86dad09edae200d802bee14b6344274d6b2d896a9f3e4dc43b24b1c94994.exe

Resource

win7-20220812-en

discovery persistence spyware stealer upx

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

3cab86dad09edae200d802bee14b6344274d6b2d896a9f3e4dc43b24b1c94994.exe

Resource

win10v2004-20220901-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

3cab86dad09edae200d802bee14b6344274d6b2d896a9f3e4dc43b24b1c94994
Size

800KB
MD5

a5e50580a0b4c7136d8d2998934bc4de
SHA1

8cc55d8c2782954cba8c413468a6244184ac8e83
SHA256

3cab86dad09edae200d802bee14b6344274d6b2d896a9f3e4dc43b24b1c94994
SHA512

6df7b04bb42a46e6d4610aa968807a035d0c04272ab8a0f3f1754b081b7d20ddd1a130193ade7bb1f87fc38001d8145ea9b4a135208ce8d7d0cf6560c8891352
SSDEEP

12288:dibewdlA52wUgBe9sJGK2ixwjLxUR/KmNODz9puPZ8Eof7F6fBX0KeVxt8j3q:ASHrUg49qGECjNIqsZ8zfcB0zvt8ja

Score

N/A

Malware Config

Signatures

Files

3cab86dad09edae200d802bee14b6344274d6b2d896a9f3e4dc43b24b1c94994
.exe windows x86

e8bb01679aa7c3394fe6603a004cde91

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

DeleteFileA
lstrlenA
GetPrivateProfileIntW
LoadLibraryW
CreateEventA
ResumeThread
GetPrivateProfileSectionA
CreateEventW
DeviceIoControl
GetFileAttributesW
ClearCommBreak
GetStringTypeW
TlsGetValue
GetProcessHeap
SetLastError
DeviceIoControl
GetDriveTypeA
HeapFree
GetCurrentThread
VirtualProtectEx
HeapDestroy

clbcatq

CheckMemoryGates
DllGetClassObject
SetSetupSave
ComPlusMigrate
ComPlusMigrate
SetupOpen
SetSetupSave
ComPlusMigrate
DllGetClassObject
CheckMemoryGates
SetupOpen
SetupOpen
CheckMemoryGates

pdh

PdhAddCounterA
PdhCloseLog
PdhGetLogFileTypeA
PdhGetLogFileSize

Sections

.text
Size: 1024B - Virtual size: 832B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1024B - Virtual size: 1.4MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 794KB - Virtual size: 794KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.orpc
Size: 512B - Virtual size: 288B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy