ce49aaaef6f0cfee33550e66d1cbd66709a662e2bfeb5746b106cad7c9e87b01 | Triage

Submit
Reports

Overview

overview

8

Static

static

ce49aaaef6...01.exe

windows7-x64

8

ce49aaaef6...01.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

ce49aaaef6f0cfee33550e66d1cbd66709a662e2bfeb5746b106cad7c9e87b01.exe

Resource

win7-20220812-en

discovery persistence spyware stealer upx

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

ce49aaaef6f0cfee33550e66d1cbd66709a662e2bfeb5746b106cad7c9e87b01.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

ce49aaaef6f0cfee33550e66d1cbd66709a662e2bfeb5746b106cad7c9e87b01
Size

863KB
MD5

c3ca0fd17371064bce23a9349cced738
SHA1

442063427ea04c72552c94c8d1cd82d8a7e5830f
SHA256

ce49aaaef6f0cfee33550e66d1cbd66709a662e2bfeb5746b106cad7c9e87b01
SHA512

3df2bad65d7c23f482840c4c9e23838e960e09fc7396a5d82ca3723a9039909ccdd2f7c61bf5d90f4ded149a3e249a6c70dff8d0302ba8de1aa0cb95a63005be
SSDEEP

24576:X0yWT7rUFd/rJ51PKxreOabMzWQkdgnj:X0yeUFd/JPKxrabMzVO

Score

N/A

Malware Config

Signatures

Files

ce49aaaef6f0cfee33550e66d1cbd66709a662e2bfeb5746b106cad7c9e87b01
.exe windows x86

b8c3c8d24003401f6960a53b135636c9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentThreadId
GetPriorityClass
GetModuleFileNameA
SetLastError
HeapCreate
FindAtomA
GetProcessTimes
GlobalFree
SuspendThread
LocalFree
CreateMailslotA
EnterCriticalSection
FindClose
EnumCalendarInfoW
GetPrivateProfileStringW
ReadFile
GetCurrentProcessId
GetFileAttributesA
HeapDestroy
GetModuleHandleA

user32

GetSysColor
GetWindowLongA
DrawTextW
DispatchMessageA
GetClientRect
SetFocus
IsWindow
DispatchMessageA
GetClassInfoA
GetWindowInfo
CallWindowProcW
GetKeyboardType
GetKeyState

colbact

DllGetClassObject
DllGetClassObject
DllGetClassObject
DllGetClassObject
DllGetClassObject

desk.cpl

DeskSetCurrentScheme

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 853KB - Virtual size: 852KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy