ccc838e5d8d1ca10527a286699ad91fd444d8c22d9888709cc51d0ccb5093d89 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

ccc838e5d8...89.exe

windows7-x64

8

ccc838e5d8...89.exe

windows10-2004-x64

3

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

ccc838e5d8d1ca10527a286699ad91fd444d8c22d9888709cc51d0ccb5093d89.exe

Resource

win7-20220812-en

discovery persistence spyware stealer upx

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

ccc838e5d8d1ca10527a286699ad91fd444d8c22d9888709cc51d0ccb5093d89.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

ccc838e5d8d1ca10527a286699ad91fd444d8c22d9888709cc51d0ccb5093d89
Size

801KB
MD5

48c1bf600c6a9b21fad6abd857ba4892
SHA1

a0ff3d8bfafd1dabdefd8c4f13448866f8067906
SHA256

ccc838e5d8d1ca10527a286699ad91fd444d8c22d9888709cc51d0ccb5093d89
SHA512

8c01c427c861138dc48018ea1b8d530960d6c0f447ba8773963865cf29cbdde88ac70863b48f2c0ce3c72e6f3fa28e26353698e0cd0db31e3aafe01790331272
SSDEEP

24576:57/4r/7mxlQL0GoO0Ug8LZc4tmUvjYLav:5j4r/7MlQLJr0181TmUvMLav

Score

N/A

Malware Config

Signatures

Files

ccc838e5d8d1ca10527a286699ad91fd444d8c22d9888709cc51d0ccb5093d89
.exe windows x86

e09dccc30d623538750557b233d98153

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
SetFileTime
SetConsoleTitleA
HeapCreate
HeapSize
ReadFile
GetFileSize
InterlockedExchange
lstrcpyA
GetExitCodeProcess
LeaveCriticalSection
GetStartupInfoW
GetStringTypeA
GetLastError
SetFileTime
IsBadWritePtr
CloseHandle
CreateEventA
LoadLibraryA
lstrcatA
SetFileTime

mstscax

DllUnregisterServer
DllRegisterServer
DllGetClassObject
DllCanUnloadNow

shell32

SHGetDiskFreeSpaceA
ShellMessageBoxW
ShellAboutA
SHFree
DuplicateIcon
DragFinish
DragQueryFileA
SHGetMalloc
DragAcceptFiles
StrChrA
SHGetSettings
DllUnregisterServer
ExtractIconA

rasapi32

DwRasUninitialize

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rich
Size: 1KB - Virtual size: 176B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ole
Size: 512B - Virtual size: 112B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 787KB - Virtual size: 786KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.