c58fa969c1b4979869b2543909b387f2b90331299e0735990893211d640cc2cf | Triage

Submit
Reports

Overview

overview

8

Static

static

c58fa969c1...cf.exe

windows7-x64

8

c58fa969c1...cf.exe

windows10-2004-x64

1

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

c58fa969c1b4979869b2543909b387f2b90331299e0735990893211d640cc2cf.exe

Resource

win7-20220812-en

discovery persistence upx

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral2

Sample

c58fa969c1b4979869b2543909b387f2b90331299e0735990893211d640cc2cf.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

c58fa969c1b4979869b2543909b387f2b90331299e0735990893211d640cc2cf
Size

745KB
MD5

0e25a3806678c745d54992430562afc3
SHA1

092fd392d365a08aa82197c4d5ece9db7b4e9b05
SHA256

c58fa969c1b4979869b2543909b387f2b90331299e0735990893211d640cc2cf
SHA512

5356ff85f4931bb8980f5b7ba7942d2521808ba855e1b59850d55e48866184425bd0293d2aa147ec807c76a301f95f5fa27a12e057ecb7f8ee434a585af53b5a
SSDEEP

12288:exa/S78wSBEtRnbtl0tM9je+rYBaIYCITmo1PYQ9dwtSeyAjyONj8:exmjwDduK6iRpCITFYQvwt9rt

Score

N/A

Malware Config

Signatures

Files

c58fa969c1b4979869b2543909b387f2b90331299e0735990893211d640cc2cf
.exe windows x86

9a6635017654d8640b9c63ebcdabba1d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapFree
GetFileTime
ExitProcess
GetCurrentDirectoryW
CloseHandle
GetCommandLineA
GlobalLock
HeapCreate
GetFileType
GetModuleHandleA
GetEnvironmentVariableW
SetLastError
ReadFile
LocalSize
SetFileAttributesW
Sleep
WaitForSingleObject
IsBadReadPtr
GetFileAttributesA
SuspendThread
MapViewOfFile
SetLastError
EnterCriticalSection
GetCommandLineW
GetDriveTypeA

uxtheme

CloseThemeData
OpenThemeData
SetWindowTheme
DrawThemeBackground
GetThemeTextExtent
GetThemeBool
GetThemeTextMetrics
GetThemeColor
GetThemeEnumValue
IsThemeActive
GetWindowTheme
DrawThemeEdge
CloseThemeData

deskmon

DllCanUnloadNow
DllCanUnloadNow
DllCanUnloadNow
DllCanUnloadNow

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 738KB - Virtual size: 738KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy