6cfbac700ce567a2bd97efbeeecee816c98ca0f872669741d08376b823420a74 | Triage

Submit
Reports

Overview

overview

8

Static

static

6cfbac700c...74.exe

windows7-x64

8

6cfbac700c...74.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

6cfbac700ce567a2bd97efbeeecee816c98ca0f872669741d08376b823420a74.exe

Resource

win7-20220812-en

discovery persistence spyware stealer upx

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

6cfbac700ce567a2bd97efbeeecee816c98ca0f872669741d08376b823420a74.exe

Resource

win10v2004-20220812-en

discovery persistence spyware stealer upx

windows10-2004-x64

4 signatures

150 seconds

General

Target

6cfbac700ce567a2bd97efbeeecee816c98ca0f872669741d08376b823420a74
Size

809KB
MD5

058c0dfd460ea551dcc3621baa3ac5d7
SHA1

39a7ccd0439a16469e2364a3b79e5cbb61ff2d3b
SHA256

6cfbac700ce567a2bd97efbeeecee816c98ca0f872669741d08376b823420a74
SHA512

cd1e0c13ca566ff28b1e5f7417d84693ff88d197936fc3e8dc1178bc0656e76a2a1bd1a34c5a0616c8edbc8793c6fbb0b01552354cc802d2ce228aa030a88121
SSDEEP

12288:y+D86n6IFsjysjJNOCG1v1E7NCRB9TksSqnLgxD7+r+JjxJCsD:ykeIiWIJIF1tYNCRB92rxH+rNs

Score

N/A

Malware Config

Signatures

Files

6cfbac700ce567a2bd97efbeeecee816c98ca0f872669741d08376b823420a74
.exe windows x86

6b7a269ac06139283330b40720c4d709

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTickCount
RemoveDirectoryA
Sleep
ReadFile
GetConsoleTitleA
VirtualProtect
GetFileSize
GetConsoleTitleA
SetLastError
CloseHandle
lstrlenA
GlobalFree
CreateDirectoryA
GetModuleFileNameA
DeleteFileA
GetCommandLineA
TlsGetValue
WriteConsoleW
CreateDirectoryW
EnterCriticalSection
GetEnvironmentStringsW
SetLastError
LoadLibraryA
CreateFileA
GetStartupInfoA

user32

IsWindow
GetSysColor
MessageBoxA
PeekMessageA
CreateIcon
IsZoomed
DestroyMenu
GetWindowLongA
wsprintfA
GetWindowLongA
IsWindowVisible
GetClassInfoA
DispatchMessageA

cmutil

??_FCIniA@@QAEXXZ
??1CIniW@@QAE@XZ
??1CIniA@@QAE@XZ
??_FCIniW@@QAEXXZ

advapi32

RegCloseKey

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 800KB - Virtual size: 2.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy