1a6cde48ed35ce6b0dc5430a608eb0c96b45f43ff8facfd7ce17cf48938a5aa3 | Triage

Submit
Reports

Overview

overview

8

Static

static

1a6cde48ed...a3.exe

windows7-x64

8

1a6cde48ed...a3.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

1a6cde48ed35ce6b0dc5430a608eb0c96b45f43ff8facfd7ce17cf48938a5aa3.exe

Resource

win7-20220812-en

discovery persistence spyware stealer upx

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

1a6cde48ed35ce6b0dc5430a608eb0c96b45f43ff8facfd7ce17cf48938a5aa3.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

1a6cde48ed35ce6b0dc5430a608eb0c96b45f43ff8facfd7ce17cf48938a5aa3
Size

809KB
MD5

0febf46715074e6d04aa39b8020d09f0
SHA1

25844c5a654134c3bd895ba128cc629fd5b710da
SHA256

1a6cde48ed35ce6b0dc5430a608eb0c96b45f43ff8facfd7ce17cf48938a5aa3
SHA512

0df28eb82b9df72a1b87ef343cbd50f4ee5ebb79b096c6a4cea63ca7252b394e119e9d44e288000e8ccd4b213d8a3e9c2d8b9850553a42524b3966bff4e5ad64
SSDEEP

12288:fcwKS1Gry68339lC36941EwC5fGjGAIQs2un2GW8pRIBcL85aXJET5vnwH4FqO1H:/GbEu360En5fGjGFJDrGcp+pFqS

Score

N/A

Malware Config

Signatures

Files

1a6cde48ed35ce6b0dc5430a608eb0c96b45f43ff8facfd7ce17cf48938a5aa3
.exe windows x86

2cca32f2b5b3f2a90a998da31cbde9d3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

RemoveDirectoryA
GetStartupInfoA
lstrlenW
CancelIo
VirtualProtect
CreateDirectoryA
GetFileSize
CreateDirectoryA
CloseHandle
CancelIo
TlsGetValue
GetTickCount
GetCommandLineA
GetConsoleTitleA
GetEnvironmentStringsW
GetModuleHandleA
Sleep
ReadFile
GetModuleFileNameA
DeleteFileA
WriteConsoleW
GetConsoleTitleA
CreateFileA
GlobalFree
EnterCriticalSection

user32

DestroyMenu
PeekMessageA
CreateIcon
IsWindow
DispatchMessageA
wsprintfA
GetWindowLongA
GetClassInfoA
GetSysColor
IsWindowVisible
GetWindowLongA
IsWindowEnabled
MessageBoxA

console

CPlApplet
CPlApplet
CPlApplet
CPlApplet

advapi32

RegCloseKey

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 800KB - Virtual size: 2.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy