1c5aaf30302a7813f7da18a777be2c7717b4739b5c3e533cbdaafeb3e291bbb8 | Triage

Submit
Reports

Overview

overview

Static

static

1c5aaf3030...b8.exe

windows7-x64

1c5aaf3030...b8.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

1c5aaf30302a7813f7da18a777be2c7717b4739b5c3e533cbdaafeb3e291bbb8.exe

Resource

win7-20221111-en

persistence spyware stealer upx

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

1c5aaf30302a7813f7da18a777be2c7717b4739b5c3e533cbdaafeb3e291bbb8.exe

Resource

win10v2004-20220901-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

1c5aaf30302a7813f7da18a777be2c7717b4739b5c3e533cbdaafeb3e291bbb8
Size

164KB
MD5

67c37c2bcf715e7227fa06a58c4f07c0
SHA1

1144885d5095e7fef7b9278e45d4c3a1ec3990b6
SHA256

1c5aaf30302a7813f7da18a777be2c7717b4739b5c3e533cbdaafeb3e291bbb8
SHA512

67abf56968e506dd9fd1f876e1b472ad3c59f989d44f3cfde9287693e8b4b9248dcad4ef464c3fcf178f8ef016d850a3244ca12594dbd29bb62c77ba3c03f582
SSDEEP

3072:zpJmmelITYxsn3vtKfZ77YPheaXLuYtQ3HDQ35N4GCNiMumMPD:VJjLsxi2YpNQ3jYYGCNiXmMPD

Score

N/A

Malware Config

Signatures

Files

1c5aaf30302a7813f7da18a777be2c7717b4739b5c3e533cbdaafeb3e291bbb8
.exe windows x86

fe640fe39acdf08d27349b239fbde9aa

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EnumResourceLanguagesW
FindFirstFileA
GlobalGetAtomNameW
QueryPerformanceCounter
ReadFile
WideCharToMultiByte
GetModuleHandleA
GetCurrentProcessId
EnumResourceTypesA
GetCurrentThreadId
SetFilePointer
GlobalHandle
GetSystemDirectoryW
FindNextFileA
IsDBCSLeadByte
lstrlenA
WriteFile
FindClose

newdev

UpdateDriverForPlugAndPlayDevicesA

oleacc

LresultFromObject
CreateStdAccessibleProxyW

Sections

.text
Size: 80KB - Virtual size: 79KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 404KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 82KB - Virtual size: 81KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy