c5ff62580f86a562fbc7930594e089d77323e516c074cc4dcb5e8355ccd3604a | Triage

Submit
Reports

Overview

overview

8

Static

static

c5ff62580f...4a.exe

windows7-x64

8

c5ff62580f...4a.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

c5ff62580f86a562fbc7930594e089d77323e516c074cc4dcb5e8355ccd3604a.exe

Resource

win7-20221111-en

persistence spyware stealer upx

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

c5ff62580f86a562fbc7930594e089d77323e516c074cc4dcb5e8355ccd3604a.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

c5ff62580f86a562fbc7930594e089d77323e516c074cc4dcb5e8355ccd3604a
Size

176KB
MD5

c2c612fae63bee273c47f09f34f6b663
SHA1

2f7f711fd625911077ec321a06195d7aa3b7ef25
SHA256

c5ff62580f86a562fbc7930594e089d77323e516c074cc4dcb5e8355ccd3604a
SHA512

3b3483b461c55e5e2282d1897b07078a057fa06813fcbd931036e5bf772d4b2982da4c10b411e34929e41db306b802f5597af2c01ccea8076dce97a6f6b2266f
SSDEEP

3072:L7lRd0xQhmsmoL6CNx0x2SNcCLH7H8qtEuRHWb7jpwu9mx/Gucvz4:L7lRukmKgc4HHhiK+6/fc

Score

N/A

Malware Config

Signatures

Files

c5ff62580f86a562fbc7930594e089d77323e516c074cc4dcb5e8355ccd3604a
.exe windows x86

b23186cf30f7562d2a67f433ae3dd334

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegOpenKeyA
RegCloseKey
RegEnumKeyExA
RegCreateKeyExA
RegQueryValueExA
RegOpenKeyExA
RegDeleteKeyA
RegSetValueExA

shell32

SHGetMalloc
SHGetPathFromIDListA
SHGetSpecialFolderLocation

kernel32

VirtualQueryEx
lstrlenA
GetSystemTimeAsFileTime
CreateProcessA
EnumResourceNamesA
MultiByteToWideChar
RaiseException
LocalAlloc
OpenFileMappingW
WideCharToMultiByte
InterlockedExchange

ole32

StringFromIID
ProgIDFromCLSID
CoTaskMemFree
StringFromCLSID

oleacc

LresultFromObject
CreateStdAccessibleObject

Sections

.text
Size: 108KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tls
Size: 1024B - Virtual size: 972B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy