c2eff86a096386bf28dad35fd6164f7b06e6a71bf3ea99c5934d5b66d01903f9 | Triage

Submit
Reports

Overview

overview

8

Static

static

c2eff86a09...f9.exe

windows7-x64

8

c2eff86a09...f9.exe

windows10-2004-x64

3

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

c2eff86a096386bf28dad35fd6164f7b06e6a71bf3ea99c5934d5b66d01903f9.exe

Resource

win7-20221111-en

spyware stealer upx

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral2

Sample

c2eff86a096386bf28dad35fd6164f7b06e6a71bf3ea99c5934d5b66d01903f9.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

c2eff86a096386bf28dad35fd6164f7b06e6a71bf3ea99c5934d5b66d01903f9
Size

169KB
MD5

2aa451fdd0b4881769db8acbe5aaf72b
SHA1

35fd543ee1a210bde5557df2ca05e236692f09dc
SHA256

c2eff86a096386bf28dad35fd6164f7b06e6a71bf3ea99c5934d5b66d01903f9
SHA512

ecce01104df710e0e80d96cc7a8d96410392532c8e89d94e3a0aad24079a6e4a95a364fdcb91c5346850cebbefc8c7dfef4e23ef22d22ad3730eee530044d1be
SSDEEP

3072:Y/+Il2N5F9m8bVVOr0QbDOhVbrcuDJXKJxO5yIMsShJ/iXID1nihWsz6k66mj:YWIl2s858rJXcpDJXKJxO5NpShJ/ianT

Score

N/A

Malware Config

Signatures

Files

c2eff86a096386bf28dad35fd6164f7b06e6a71bf3ea99c5934d5b66d01903f9
.exe windows x86

a76e65a5fbd971aa1089bae6f3d40c73

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

clusapi

CloseCluster

kernel32

GetLastError
InterlockedCompareExchange
ReplaceFileW
LocalAlloc
MultiByteToWideChar
lstrcmpiA
FindResourceA
GetProcessId
EnterCriticalSection
InterlockedExchange
lstrlenW
WideCharToMultiByte
GetSystemTimeAsFileTime
QueryPerformanceCounter
LeaveCriticalSection
EnumResourceTypesA
GetStartupInfoA
GetEnvironmentVariableA
Sleep
GetTickCount
ExitProcess
SizeofResource
RaiseException
GetCurrentThreadId
CreateProcessA
GetVersionExA
LoadResource
GetCurrentProcessId
LockResource
GetModuleFileNameA
lstrlenA
FindResourceExA
GetModuleHandleA

Sections

.text
Size: 96KB - Virtual size: 96KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 1012B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 69KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 252KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy