c2aa9e6f9e9f77fe6cdc719d5c522b71730ab76bd1ef6c52a0e247c895db9388 | Triage

Submit
Reports

Overview

overview

8

Static

static

c2aa9e6f9e...88.exe

windows7-x64

8

c2aa9e6f9e...88.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

c2aa9e6f9e9f77fe6cdc719d5c522b71730ab76bd1ef6c52a0e247c895db9388.exe

Resource

win7-20221111-en

discovery persistence spyware stealer upx

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

c2aa9e6f9e9f77fe6cdc719d5c522b71730ab76bd1ef6c52a0e247c895db9388.exe

Resource

win10v2004-20221111-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

c2aa9e6f9e9f77fe6cdc719d5c522b71730ab76bd1ef6c52a0e247c895db9388
Size

858KB
MD5

8f5132492c2fe0a6448e06f957e40c5a
SHA1

a1da83fe312fedb3d74e5706c55369f4ec7a6768
SHA256

c2aa9e6f9e9f77fe6cdc719d5c522b71730ab76bd1ef6c52a0e247c895db9388
SHA512

2a90e117b28cbcef94285085d2d174a652d060f95409b2bfafac38de9c8e77e8c635d2e642dfc28590cf84295f0a3e5c4f262a8d9e05d98c47e0986e1a6c3839
SSDEEP

12288:jELLfFRU5KA3TXcCP6viVWwMZu4e2brMiBQTpyT/yq8yBNWEL/qgtAmK:4LLtiKCLDy6U5ZThBxTxHHL/ftAmK

Score

N/A

Malware Config

Signatures

Files

c2aa9e6f9e9f77fe6cdc719d5c522b71730ab76bd1ef6c52a0e247c895db9388
.exe windows x86

cfd54d79a554f6d4e16ac93ab5b4d691

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineW
HeapCreate
GetFileAttributesW
Sleep
MapViewOfFile
TlsAlloc
CloseHandle
GetStartupInfoA
GetEnvironmentVariableA
CreateFileA
TlsGetValue
DeleteFileW
SetLastError
GetModuleFileNameA
GetModuleHandleA
GetStdHandle
GetACP
HeapDestroy
IsBadCodePtr
SetEvent

user32

DrawTextW
GetClassInfoA
FindWindowA
GetKeyState
GetKeyState
IsZoomed
GetWindowLongA
DispatchMessageA
CreateIcon
CallWindowProcW
GetSysColor
DestroyMenu
DispatchMessageA

resutils

ClusWorkerStart
ClusWorkerStart
ClusWorkerStart
ClusWorkerStart

timedate.cpl

CPlApplet

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 848KB - Virtual size: 847KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy