cfff495e3ae10e84f8b647f122ee56c62ef6c3d653170d308a7ee84ea75d3a21 | Triage

Submit
Reports

Overview

overview

8

Static

static

cfff495e3a...21.exe

windows7-x64

8

cfff495e3a...21.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

cfff495e3ae10e84f8b647f122ee56c62ef6c3d653170d308a7ee84ea75d3a21.exe

Resource

win7-20220812-en

discovery persistence spyware stealer upx

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

cfff495e3ae10e84f8b647f122ee56c62ef6c3d653170d308a7ee84ea75d3a21.exe

Resource

win10v2004-20220901-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

cfff495e3ae10e84f8b647f122ee56c62ef6c3d653170d308a7ee84ea75d3a21
Size

863KB
MD5

6c01a5bc6802c4b3ab41f053fb6c6ad3
SHA1

119953d1514d5b839b165180f215ea48f1c926dc
SHA256

cfff495e3ae10e84f8b647f122ee56c62ef6c3d653170d308a7ee84ea75d3a21
SHA512

56ecc42043beb4d9977661e937c2f8440b6e10f11bec07b574b71eb5845baaf12e1876dc10c19997c737907a2c57e45bfba45ee880b0ceae255ac01a1eb6850c
SSDEEP

12288:8cQOwxNj4RMwwAo+fbg5HN4AIJqoxrIspQj/D6M6PA3kF24A/ittq7ZbdswvjbL7:vCwwh+fs5qA90IsK7p6zFlRTql2wv7

Score

N/A

Malware Config

Signatures

Files

cfff495e3ae10e84f8b647f122ee56c62ef6c3d653170d308a7ee84ea75d3a21
.exe windows x86

18ba60ee6093f6c475f666746f100173

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReadFile
GlobalFree
GetCurrentProcessId
GetModuleHandleA
GetCurrentThreadId
SuspendThread
GetDriveTypeW
CreateMailslotA
GetPrivateProfileStringW
EnumCalendarInfoW
SetLastError
GetProcessTimes
GetModuleFileNameA
FindAtomA
HeapCreate
LocalFree
GetFileAttributesA
ResetEvent
FindClose
EnterCriticalSection

user32

GetKeyboardType
DrawTextW
GetWindowInfo
DispatchMessageA
GetWindowLongA
IsWindow
GetKeyState
SetFocus
CallWindowProcW
GetClientRect
GetSysColor
DispatchMessageA
GetClassInfoA

cliconfg

OnInitDialogMain
OnInitDialogMain
OnInitDialogMain
OnInitDialogMain
OnInitDialogMain

desk.cpl

DeskSetCurrentScheme

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 853KB - Virtual size: 852KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy