1c4bd3b58266a130051e998014ebd00832088c4b86c516d313ba83272828e5b8 | Triage

Submit
Reports

Overview

overview

8

Static

static

1c4bd3b582...b8.exe

windows7-x64

8

1c4bd3b582...b8.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

1c4bd3b58266a130051e998014ebd00832088c4b86c516d313ba83272828e5b8.exe

Resource

win7-20220901-en

discovery persistence spyware stealer upx

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

1c4bd3b58266a130051e998014ebd00832088c4b86c516d313ba83272828e5b8.exe

Resource

win10v2004-20220901-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

1c4bd3b58266a130051e998014ebd00832088c4b86c516d313ba83272828e5b8
Size

808KB
MD5

09b42e846c077acb5fa99642607fa8a1
SHA1

a322467298197a3ec5b713cbcf4e26d88d351027
SHA256

1c4bd3b58266a130051e998014ebd00832088c4b86c516d313ba83272828e5b8
SHA512

840c671473937b511845ef8db561c724cc03c6d6ce9db6cd1b01e4581636f2e5770011732e378252904413cf436676f1f19c2301dec36c3584d780e699dcb08d
SSDEEP

24576:ih+wrhwl2P2OP0vVCs0da7fn0VboQIabGoipnQ//c8KIVYneQ:icwrhEE2y0vVCs0oeozyGoiuaIyeQ

Score

N/A

Malware Config

Signatures

Files

1c4bd3b58266a130051e998014ebd00832088c4b86c516d313ba83272828e5b8
.exe windows x86

c307107f31bfbda50f8b15cc0e01dbe0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

HeapSize
GetStartupInfoA
GetFileAttributesA
VirtualProtect
GetLogicalDrives
GetPrivateProfileSectionW
Sleep
GetCommandLineA
AddAtomA
GetStringTypeW
GetDriveTypeW
FindVolumeClose
CopyFileA
ReadConsoleA
ReadConsoleA
ReadConsoleA
SetEvent
LoadLibraryW
HeapDestroy
lstrlenW
DeleteAtom

dsprop

CheckADsError
CheckADsError
FindSheet
ReportError
MsgBox
ErrMsg
ErrMsg
ReportError
ErrMsg
FindSheet
MsgBox
FindSheet
MsgBox

mmcndmgr

DllCanUnloadNow
CreateExecutivePlatform
DllRegisterServer
DllGetClassObject

Sections

.text
Size: 1024B - Virtual size: 778B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 1.4MB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 801KB - Virtual size: 801KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 67B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 512B - Virtual size: 20B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy