d4cb2f3fcf661027aeb01bd4d7b7ec159ff436a551ea53cb54db8db67b3653f5 | Triage

Submit
Reports

Overview

overview

8

Static

static

d4cb2f3fcf...f5.exe

windows7-x64

8

d4cb2f3fcf...f5.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

d4cb2f3fcf661027aeb01bd4d7b7ec159ff436a551ea53cb54db8db67b3653f5.exe

Resource

win7-20220812-en

discovery persistence spyware stealer upx

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

d4cb2f3fcf661027aeb01bd4d7b7ec159ff436a551ea53cb54db8db67b3653f5.exe

Resource

win10v2004-20220812-en

discovery persistence upx

windows10-2004-x64

4 signatures

150 seconds

General

Target

d4cb2f3fcf661027aeb01bd4d7b7ec159ff436a551ea53cb54db8db67b3653f5
Size

793KB
MD5

021f016cdc375eb8dbd865153f6efbcc
SHA1

4c97e5f1b6bcf01210dd574a8b2662aef2ffd8b2
SHA256

d4cb2f3fcf661027aeb01bd4d7b7ec159ff436a551ea53cb54db8db67b3653f5
SHA512

94be0cc008511b38b3faa5e1f68382cba895722498906420635e0fb9f1d5f00035ec21036d8543d527065b96be91de0495eaa3e80e4e195a44d8e3e0a3797ea1
SSDEEP

24576:tTC68l40iaIZCvLgpdVxRN2qIOQ395pr:tTCT40RvLkdj7ID95p

Score

N/A

Malware Config

Signatures

Files

d4cb2f3fcf661027aeb01bd4d7b7ec159ff436a551ea53cb54db8db67b3653f5
.exe windows x86

3cb412d7363631efc0217f7296f09bc5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileAttributesW
lstrlenA
GetTickCount
CreateSemaphoreA
HeapSize
SetLastError
SetLastError
CloseHandle
CreateHardLinkA
LoadLibraryA
CreateDirectoryW
SetEvent
GlobalFree
Sleep
WriteConsoleA
GetStartupInfoA
VirtualProtectEx
DeleteFileA
CreateMutexA
GetProcessHeap
GetLocalTime

cic

DllUnregisterServer
DllUnregisterServer
DllUnregisterServer
DllUnregisterServer
DllUnregisterServer
DllUnregisterServer
DllUnregisterServer
DllUnregisterServer
DllUnregisterServer
DllUnregisterServer
DllUnregisterServer
DllUnregisterServer
DllUnregisterServer

ssdpapi

CleanupCache
SsdpCleanup
FindServices
SsdpStartup

wininet

FtpCommandW

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 785KB - Virtual size: 2.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy