ca5dee4dcd5871218dbc6dc58b884adabe3dceb360a2c6ac132ada08e29359b6 | Triage

Submit
Reports

Overview

overview

8

Static

static

ca5dee4dcd...b6.exe

windows7-x64

8

ca5dee4dcd...b6.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

ca5dee4dcd5871218dbc6dc58b884adabe3dceb360a2c6ac132ada08e29359b6.exe

Resource

win7-20221111-en

discovery persistence upx

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral2

Sample

ca5dee4dcd5871218dbc6dc58b884adabe3dceb360a2c6ac132ada08e29359b6.exe

Resource

win10v2004-20221111-en

windows10-2004-x64

2 signatures

150 seconds

General

Target

ca5dee4dcd5871218dbc6dc58b884adabe3dceb360a2c6ac132ada08e29359b6
Size

768KB
MD5

a372bd71bfad7b0b6ed3b5e0d30e0906
SHA1

0eb2f854e39abddaec86d1da29879c2a5c34dcd6
SHA256

ca5dee4dcd5871218dbc6dc58b884adabe3dceb360a2c6ac132ada08e29359b6
SHA512

b0f642d18bedaead3c83f8b9ce12f1ac4f6c83ff37b95f5db086c97abd27a727d5f1e42d5e9d73e9583b789f412e6bdf733a64ef6ef16a0966763affa978b0b3
SSDEEP

24576:6wgIYPtqAUZk2QW+AsoOrf8Yd/kS9H6l9:6PI6AAajooY8Yd/Tq

Score

N/A

Malware Config

Signatures

Files

ca5dee4dcd5871218dbc6dc58b884adabe3dceb360a2c6ac132ada08e29359b6
.exe windows x86

f801a4f0c64f0cdbff5c7c7d26d68455

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

RemoveDirectoryW
ReleaseMutex
VirtualProtect
GetFileSize
GetProcessHeap
HeapDestroy
GetStdHandle
HeapSize
GetTickCount
SetLastError
FatalExit
SetLastError
ReleaseSemaphore
CreateDirectoryW
MapViewOfFile
DeleteFileW
CreateFileA
LoadLibraryA
CancelIo
CreateMutexW
ReadConsoleA
RemoveDirectoryW
GetStartupInfoA
CreateHardLinkA
ReleaseSemaphore

uxtheme

DrawThemeEdge
GetThemeTextExtent
OpenThemeData
GetThemeBool
GetThemeColor
CloseThemeData
GetWindowTheme
SetWindowTheme
CloseThemeData
IsThemeActive
DrawThemeBackground
GetThemeSysSize
GetThemeTextMetrics

ncobjapi

WmiDestroyObject
WmiIsObjectActive
WmiCommitObject
WmiCreateObject

Sections

.text
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 760KB - Virtual size: 760KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy