c2d9840e330d791b9827b147c3dc0a89a346dcaab44ca146a67096e441e36103 | Triage

Submit
Reports

Overview

overview

8

Static

static

c2d9840e33...03.exe

windows7-x64

8

c2d9840e33...03.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

c2d9840e330d791b9827b147c3dc0a89a346dcaab44ca146a67096e441e36103.exe

Resource

win7-20220901-en

discovery persistence spyware stealer upx

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

c2d9840e330d791b9827b147c3dc0a89a346dcaab44ca146a67096e441e36103.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

c2d9840e330d791b9827b147c3dc0a89a346dcaab44ca146a67096e441e36103
Size

801KB
MD5

a48260d50ab3383d813bd55392e61aed
SHA1

b939f8a0a5b9f9529a6201872deefe9fede43171
SHA256

c2d9840e330d791b9827b147c3dc0a89a346dcaab44ca146a67096e441e36103
SHA512

f36aac0a95846fe482afbfa6647d50be77d90ed2e35a1f0288ed3c59a1d611871594f2c9f7cb3f6efe42ed6699607f23e6b45f47f67c0249e581cce45da8bc1f
SSDEEP

12288:laAMJ/kvJhlUdG2pd2efkxHfFfzM+qkAlETDrQinDMvDn020Ddz1lgoTgUaR:lLWOJbs/elFhfQinDID0n1lgol

Score

N/A

Malware Config

Signatures

Files

c2d9840e330d791b9827b147c3dc0a89a346dcaab44ca146a67096e441e36103
.exe windows x86

4cea69573136e750c3a501eefffa8900

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetStringTypeA
lstrcatA
ReadFile
CloseHandle
SetConsoleTitleA
HeapCreate
SetFileTime
lstrcpyA
CreateEventA
HeapSize
GetLastError
SetFileTime
InterlockedExchange
GetStartupInfoW
IsBadWritePtr
GetModuleHandleA
LoadLibraryA
LeaveCriticalSection
GetFileSize
GetExitCodeProcess
SetFileTime

mstscax

DllGetClassObject
DllRegisterServer
DllUnregisterServer
DllCanUnloadNow

shell32

DragQueryFileA
StrChrA
SHGetSettings
SHFree
SHGetDiskFreeSpaceA
DragAcceptFiles
DuplicateIcon
ShellMessageBoxW
DragFinish
ExtractIconA
ShellAboutA
DllUnregisterServer
SHGetMalloc

rasapi32

DwRasUninitialize

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rich
Size: 1KB - Virtual size: 176B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ole
Size: 512B - Virtual size: 112B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 787KB - Virtual size: 786KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy