c93971ebe292a54564c5fb4009bb15611425414596350e6821f85ade277edf74 | Triage

Submit
Reports

Overview

overview

8

Static

static

c93971ebe2...74.exe

windows7-x64

8

c93971ebe2...74.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

c93971ebe292a54564c5fb4009bb15611425414596350e6821f85ade277edf74.exe

Resource

win7-20221111-en

persistence spyware stealer upx

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

c93971ebe292a54564c5fb4009bb15611425414596350e6821f85ade277edf74.exe

Resource

win10v2004-20221111-en

windows10-2004-x64

2 signatures

150 seconds

General

Target

c93971ebe292a54564c5fb4009bb15611425414596350e6821f85ade277edf74
Size

180KB
MD5

f619e8274759d93028a99551839d6d35
SHA1

1ca0b80e266e62216621e48a1b34278819ab229d
SHA256

c93971ebe292a54564c5fb4009bb15611425414596350e6821f85ade277edf74
SHA512

c3fa38dcacc54f4b885171281cb8e8f33e14c677eae937d902976815cb882c92c76370935e962cacac553e75293380577a4fd63f3399dbba1498b19e33bb4c4e
SSDEEP

3072:Xt6TpmG1wF93hpd5yFYPRrx8gYiN0SH3JDSEJNKp2/ZtJzWrYXabbN8A/uCwgONG:Xt6Eac93nz/PRrx8g10SHZDfJNg2RLzn

Score

N/A

Malware Config

Signatures

Files

c93971ebe292a54564c5fb4009bb15611425414596350e6821f85ade277edf74
.exe windows x86

aa83ec1375e819f2a1e597fa9bc0da5b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msimg32

AlphaBlend
TransparentBlt

gdi32

GetDeviceCaps
DeleteObject
GetTextMetricsA
GetTextExtentPointA
SelectObject
CreateFontIndirectA

ole32

CoGetMalloc
CoCreateInstance
CoTaskMemAlloc
CoTaskMemFree
StringFromGUID2
CoTaskMemRealloc

kernel32

MultiByteToWideChar
HeapSize
GetACP
GetCPInfo
QueryPerformanceCounter
GetCPInfoExW
UnhandledExceptionFilter
RaiseException
TlsSetValue
DeleteCriticalSection
GetVersionExA
LeaveCriticalSection
GetLastError
FreeEnvironmentStringsA
GetThreadLocale
EnumResourceTypesA
WriteFile
FreeEnvironmentStringsW
GetOEMCP
EnterCriticalSection
GetStartupInfoA
GetTickCount
InterlockedExchange
SetHandleCount
GetStdHandle
TlsGetValue
GetEnvironmentStrings
LoadLibraryW
GetEnvironmentStringsW
InterlockedIncrement
InitializeCriticalSection
WideCharToMultiByte
lstrlenW
GetFileType
GetLocaleInfoA
GetCurrentProcessId

Sections

.text
Size: 107KB - Virtual size: 106KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tls
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 69KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy