cf50530874fb941bcdf67415ecbc7dc43f689f5239769216668e69c9f60680c0 | Triage

Submit
Reports

Overview

overview

8

Static

static

cf50530874...c0.exe

windows7-x64

8

cf50530874...c0.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

cf50530874fb941bcdf67415ecbc7dc43f689f5239769216668e69c9f60680c0.exe

Resource

win7-20221111-en

persistence upx

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral2

Sample

cf50530874fb941bcdf67415ecbc7dc43f689f5239769216668e69c9f60680c0.exe

Resource

win10v2004-20220812-en

persistence upx

windows10-2004-x64

2 signatures

150 seconds

General

Target

cf50530874fb941bcdf67415ecbc7dc43f689f5239769216668e69c9f60680c0
Size

34KB
MD5

6ab2c594497a0d6fba627ee7dbcbb92e
SHA1

51c15e7a972b26b644330139329bf3e68563f368
SHA256

cf50530874fb941bcdf67415ecbc7dc43f689f5239769216668e69c9f60680c0
SHA512

e65eda276f4ca569833a8d9824a59abb6f5b911bd19cd90189e9790e597a8db29941be0781ce1b0107d5cdaa046a960c956a6b98598464306efb4fda183e21f0
SSDEEP

768:omNv3ZMQQR816OOPxxtOv3EhJ8/+qLJYPVXXA:RppMQQn5xHJ8Gq1YPRQ

Score

N/A

Malware Config

Signatures

Files

cf50530874fb941bcdf67415ecbc7dc43f689f5239769216668e69c9f60680c0
.exe windows x86

07116e1301096bb3d15679f4e9112b4b

Code Sign

14:d2:38:64:86:f9:2c:4d:bf:b7:af:aa:c2:5f:7c:6a
Certificate

Issuer

CN=Aqeare

Not Before

31/12/2010, 21:00

Not After

31/12/2039, 23:59

Subject

CN=Aqeare

0c:e5:45:91:38:36:da:6f:fb:89:a0:34:01:29:dd:ea:ba:a9:3c:62
Signer

Actual PE Digest

0c:e5:45:91:38:36:da:6f:fb:89:a0:34:01:29:dd:ea:ba:a9:3c:62

Digest Algorithm

sha1

PE Digest Matches

false

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=Aqeare

01/12/2022, 14:35
Valid: false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

UpdateWindow
TranslateMessage
KillTimer

kernel32

GetCurrentThreadId
Sleep
LoadLibraryA
GetProcAddress
GetCommandLineA
GetModuleHandleA

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 324B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 196B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy