c68d5085e80df844fb703aff9d327a54d548eb5c4315fbbcce37cae67ef18071 | Triage

Submit
Reports

Overview

overview

8

Static

static

c68d5085e8...71.exe

windows7-x64

8

c68d5085e8...71.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

c68d5085e80df844fb703aff9d327a54d548eb5c4315fbbcce37cae67ef18071.exe

Resource

win7-20220812-en

discovery persistence spyware stealer upx

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

c68d5085e80df844fb703aff9d327a54d548eb5c4315fbbcce37cae67ef18071.exe

Resource

win10v2004-20220812-en

discovery persistence spyware stealer upx

windows10-2004-x64

5 signatures

150 seconds

General

Target

c68d5085e80df844fb703aff9d327a54d548eb5c4315fbbcce37cae67ef18071
Size

777KB
MD5

2040a1aad3a52671c354ad2e627e9184
SHA1

a7ba7dfe73979514cd88e84485160b76db34d9e6
SHA256

c68d5085e80df844fb703aff9d327a54d548eb5c4315fbbcce37cae67ef18071
SHA512

6438529f8b633fa3847a282f37c1eb78434c2416ec88672d6bf629d180233d71dff8c21f2eb6c5ed434fe90efc96de2407569438520be6733fcbea6655fe09d1
SSDEEP

12288:oZIufS/39haZJHxGJlxvlxOD0vv+KLYx/OT3NVPsrZK4Z3dLXMupKAyo+RXobcrM:os/39MnGdbvvWmD7QKKLXMUK7ZkKqKy

Score

N/A

Malware Config

Signatures

Files

c68d5085e80df844fb703aff9d327a54d548eb5c4315fbbcce37cae67ef18071
.exe windows x86

b3c8c43e14ab6a5acfa60f6e86bc16ea

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetKeyboardType
MessageBoxA
LoadStringA
CharNextA

advapi32

RegQueryValueExA
RegOpenKeyExA
RegCloseKey

oleaut32

SysFreeString
SysReAllocStringLen
SysAllocStringLen

version

VerQueryValueA
GetFileVersionInfoSizeW
GetFileVersionInfoSizeA
GetFileVersionInfoW
GetFileVersionInfoA

gdi32

UnrealizeObject
SetWinMetaFileBits
StretchDIBits
StretchBlt
SetWindowOrgEx
TextOutW
SetViewportOrgEx
SetTextCharacterExtra
SetWindowExtEx
StartPage
TextOutA
StartDocA
SetViewportExtEx
SetTextColor

urlmon

CoInternetCreateZoneManager
CoInternetCreateSecurityManager
CoInternetGetSession
CreateURLMoniker

crypt32

CryptHashMessage
CryptMemAlloc
CryptLoadSip
CryptMemFree
CryptProtectData

Sections

.text
Size: 512B - Virtual size: 475B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 772KB - Virtual size: 772KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy