8dcd5ddfb9b11bee8b3f95d7c76221a27c4bd5d90b62762ce5eff1aca1d9ca6c | Triage

Submit
Reports

Overview

overview

8

Static

static

8dcd5ddfb9...6c.exe

windows7-x64

8

8dcd5ddfb9...6c.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

8dcd5ddfb9b11bee8b3f95d7c76221a27c4bd5d90b62762ce5eff1aca1d9ca6c.exe

Resource

win7-20220812-en

discovery persistence spyware stealer upx

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

8dcd5ddfb9b11bee8b3f95d7c76221a27c4bd5d90b62762ce5eff1aca1d9ca6c.exe

Resource

win10v2004-20220812-en

discovery persistence spyware stealer upx

windows10-2004-x64

4 signatures

150 seconds

General

Target

8dcd5ddfb9b11bee8b3f95d7c76221a27c4bd5d90b62762ce5eff1aca1d9ca6c
Size

810KB
MD5

d510fa07e1487edb56f15d9e316a2863
SHA1

491d618130cfa5c01d1872c80e7188ea01d04bf1
SHA256

8dcd5ddfb9b11bee8b3f95d7c76221a27c4bd5d90b62762ce5eff1aca1d9ca6c
SHA512

6fd47c779b24177a919c6f1df54bf0d2817b123835a95b0fb1254f2f0321491199c28ab38add26a0a922cc394c0f27feca9ffea2ee89d6caae64574228077fc9
SSDEEP

24576:n21qRcST6AqCZI15oMvF4nH8HzlGpSnJiE01vN:6qekC5FlHDJiEG

Score

N/A

Malware Config

Signatures

Files

8dcd5ddfb9b11bee8b3f95d7c76221a27c4bd5d90b62762ce5eff1aca1d9ca6c
.exe windows x86

5fe29d2f8603ebecde8a6ad60bbcc3bc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeleteFileA
TlsGetValue
Sleep
CreateDirectoryA
CloseHandle
WriteConsoleW
VirtualProtect
CreateDirectoryW
SetLastError
GlobalFree
GetTickCount
GetFileSize
EnterCriticalSection
lstrlenA
RemoveDirectoryA
GetCommandLineA
GetStartupInfoA
GetEnvironmentStringsW
OpenMutexA
ReadConsoleW
GetModuleFileNameA
CreateFileA
SetLastError
OpenSemaphoreW
LoadLibraryA

user32

DestroyMenu
DrawTextA
IsWindow
CallWindowProcA
DispatchMessageA
DispatchMessageA
GetClassInfoA
PeekMessageA
GetSysColor
SetFocus
IsWindowEnabled
FindWindowW
GetWindowLongA

cmutil

??_FCIniW@@QAEXXZ
??1CIniW@@QAE@XZ
??1CIniA@@QAE@XZ
??_FCIniA@@QAEXXZ

advapi32

RegCloseKey

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 800KB - Virtual size: 2.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy