ca4e4f49a7bd63b93473b1cdd87bc263d7aafe8f669d7d388c4d4a16d3710764 | Triage

Submit
Reports

Overview

overview

8

Static

static

ca4e4f49a7...64.exe

windows7-x64

8

ca4e4f49a7...64.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

ca4e4f49a7bd63b93473b1cdd87bc263d7aafe8f669d7d388c4d4a16d3710764.exe

Resource

win7-20220812-en

discovery persistence spyware stealer upx

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

ca4e4f49a7bd63b93473b1cdd87bc263d7aafe8f669d7d388c4d4a16d3710764.exe

Resource

win10v2004-20221111-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

ca4e4f49a7bd63b93473b1cdd87bc263d7aafe8f669d7d388c4d4a16d3710764
Size

863KB
MD5

ab15e2eb3f3eb4c18f05494af9143c4f
SHA1

a0ceadbbb4b484300f43f05b6b9fac1e5aa8c347
SHA256

ca4e4f49a7bd63b93473b1cdd87bc263d7aafe8f669d7d388c4d4a16d3710764
SHA512

7e608a63677f1bb1dff0340ce62123a42f43db171629f0bb6924ac7de56dc4b594ab4fe2773b3c7327b1fb59be61b095d74c0c57f1047ba7a10c36811222ac45
SSDEEP

24576:t8AtcW7Rwm1mbtG2D5FHa77E2PJB+hSDZ+tl:tBNaxxa3ECKC+

Score

N/A

Malware Config

Signatures

Files

ca4e4f49a7bd63b93473b1cdd87bc263d7aafe8f669d7d388c4d4a16d3710764
.exe windows x86

73b1ae6973b77b06e674151968ca18c2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EnumCalendarInfoW
GetCurrentProcessId
LocalFree
GetFileAttributesA
FindClose
CreateMailslotA
SuspendThread
GetCurrentThreadId
GetPrivateProfileStringW
EnterCriticalSection
SetLastError
FindAtomA
HeapCreate
GetModuleFileNameA
GetProcessTimes
HeapDestroy
GlobalFree
ReadFile
GetPriorityClass
GetModuleHandleA

user32

GetSysColor
SetFocus
GetWindowInfo
GetClassInfoA
DispatchMessageA
GetClientRect
DispatchMessageA
GetWindowLongA
DrawTextW
GetKeyboardType
GetKeyState
CallWindowProcW
IsWindow

colbact

DllGetClassObject
DllGetClassObject
DllGetClassObject
DllGetClassObject
DllGetClassObject

desk.cpl

DeskSetCurrentScheme

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 853KB - Virtual size: 852KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy