ce5adfb02252a7f25d7ab8b9d5f5b9ece7ed02f1e11225b230f4693aa7c3e7ab | Triage

Submit
Reports

Overview

overview

8

Static

static

ce5adfb022...ab.exe

windows7-x64

8

ce5adfb022...ab.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

ce5adfb02252a7f25d7ab8b9d5f5b9ece7ed02f1e11225b230f4693aa7c3e7ab.exe

Resource

win7-20220901-en

discovery persistence spyware stealer upx

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

ce5adfb02252a7f25d7ab8b9d5f5b9ece7ed02f1e11225b230f4693aa7c3e7ab.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

ce5adfb02252a7f25d7ab8b9d5f5b9ece7ed02f1e11225b230f4693aa7c3e7ab
Size

800KB
MD5

e3564f6c14de93e1b0b01f2334872a08
SHA1

bc4961968fdb5710be0b5e26180d07bffd446425
SHA256

ce5adfb02252a7f25d7ab8b9d5f5b9ece7ed02f1e11225b230f4693aa7c3e7ab
SHA512

104eb32c4f27e99490526445b6e41b4a21be5dc1573a135cfff03e81c9d6797952f4e18637dd1be828bef2dd73793ba686f7a96b204dd69672f61a53f9c579b4
SSDEEP

24576:gUwnsvcGek9qTsEPLEz307tgLmVWtHEN:gUwnsRekITsEysgL0+kN

Score

N/A

Malware Config

Signatures

Files

ce5adfb02252a7f25d7ab8b9d5f5b9ece7ed02f1e11225b230f4693aa7c3e7ab
.exe windows x86

b1506c18f5e08eef64c6660a0b8455b3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetLocaleInfoA
GetStdHandle
GetCommandLineA
ResumeThread
SuspendThread
IsBadReadPtr
ResumeThread
GetDriveTypeA
GetFileAttributesW
GetModuleHandleA
CreateDirectoryA
GetPriorityClass
DeleteFileA
WriteFile
GetProcessHeap
VirtualProtect
GlobalSize
SetLocalTime
ReadConsoleW
CreatePipe
HeapSize

user32

wsprintfA
GetWindowTextW
LoadCursorA
DestroyMenu
DestroyIcon
GetMessageA
DispatchMessageA
GetWindowLongA
GetWindowLongA
DrawIcon
SetCursor
SetRect
PeekMessageA

els

DllRegisterServer
DllUnregisterServer
DllUnregisterServer
DllGetClassObject

rasapi32

DwCloneEntry

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 692KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 794KB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy