c0267cb92802714bed7fcdbe4733f33b8db0352d758551e1ca10f722b085421e | Triage

Submit
Reports

Overview

overview

Static

static

c0267cb928...1e.exe

windows7-x64

c0267cb928...1e.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

c0267cb92802714bed7fcdbe4733f33b8db0352d758551e1ca10f722b085421e.exe

Resource

win7-20221111-en

persistence spyware stealer upx

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

c0267cb92802714bed7fcdbe4733f33b8db0352d758551e1ca10f722b085421e.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

2 signatures

150 seconds

General

Target

c0267cb92802714bed7fcdbe4733f33b8db0352d758551e1ca10f722b085421e
Size

190KB
MD5

a2f3a4037c313d040e134c95a708e12a
SHA1

550289d10da5b83fe73457560a467d779b04a00c
SHA256

c0267cb92802714bed7fcdbe4733f33b8db0352d758551e1ca10f722b085421e
SHA512

a2d8bb685cf672d7b207306860cb47777d927e29d4bf8631e157e763622c78d60dc4dbe45f130f61de6423f00c1f8f7d05d94c680b94127f4708e6aa5b58229a
SSDEEP

3072:0R8TYSgBDu3GhSFNA909X9TKhRclFkpcHs5X9HHGjzLRyYuuoDs6sOY9i:KML3GhSFNT9l86WCHs59GCjDslA

Score

N/A

Malware Config

Signatures

Files

c0267cb92802714bed7fcdbe4733f33b8db0352d758551e1ca10f722b085421e
.exe windows x86

27b0dce188e12da7a96ba62c2889833c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvfw32

ICSendMessage
ICClose
ICOpen
ICDecompress

kernel32

CloseHandle
GetShortPathNameA
GetModuleHandleW
GetCurrentThreadId
GetFileInformationByHandle
UnhandledExceptionFilter
EnumResourceTypesW
GetCurrentProcessId
GlobalFree
ExitProcess
CreateFileW
LoadLibraryW
GetProcAddress
GetLastError
GetVersionExW

user32

GetClientRect
GetWindowPlacement
PostMessageW
SetCursor
SetRectEmpty
InvalidateRect
AdjustWindowRectEx
FillRect

advapi32

RegQueryValueExW
RegEnumKeyExW
RegCreateKeyW
RegSetValueExW
RegCloseKey
RegDeleteKeyW
RegOpenKeyExW
RegSetValueW

Sections

.text
Size: 114KB - Virtual size: 113KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 232KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy