ab486aba1926431ff8f1cf1f3fcac0bb36b2352abc487a214683044a3ec26edf | Triage

Submit
Reports

Overview

overview

8

Static

static

ab486aba19...df.exe

windows7-x64

8

ab486aba19...df.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

ab486aba1926431ff8f1cf1f3fcac0bb36b2352abc487a214683044a3ec26edf.exe

Resource

win7-20220812-en

evasion persistence upx

windows7-x64

13 signatures

150 seconds

Behavioral task

behavioral2

Sample

ab486aba1926431ff8f1cf1f3fcac0bb36b2352abc487a214683044a3ec26edf.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

ab486aba1926431ff8f1cf1f3fcac0bb36b2352abc487a214683044a3ec26edf
Size

249KB
MD5

321339d7b64448eb85c836dfc063e1c0
SHA1

52bce0fe911b48acc3056a1eed421ed4afbbea1a
SHA256

ab486aba1926431ff8f1cf1f3fcac0bb36b2352abc487a214683044a3ec26edf
SHA512

cf83eaf50daeab863947b2a09084ce15dcf83159649337ff4886f3255b29d50f7e28443874749fbb7cf4de9b5609afa2ab9f7fadcad7bf4396ec58ffed82c4be
SSDEEP

6144:hVHaosPOvb27I91wkpzPQ/d45JCxlZd4izCW5rRhg23:hVgPOvb27SJm45OOizCW5N3

Score

N/A

Malware Config

Signatures

Files

ab486aba1926431ff8f1cf1f3fcac0bb36b2352abc487a214683044a3ec26edf
.exe windows x86

643eb4472aa66406b89e9e34ac2d10ed

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InitializeCriticalSection
DeleteFileA
FindClose
ExitProcess
GetSystemInfo
GetStartupInfoW
CloseHandle
GetEnvironmentVariableA
SetEndOfFile
SuspendThread
HeapSize
GetModuleHandleA
GetCurrentDirectoryA
WaitForSingleObject
GetFileSize
FindClose
HeapCreate
HeapDestroy
ResetEvent
ReleaseMutex
GetTickCount
AddAtomW
GetTickCount
CreateMutexW
CreateFileA

wininet

DeleteUrlCacheEntryA
FtpGetFileA
FtpFindFirstFileA
FtpDeleteFileA
FtpGetCurrentDirectoryA
FindCloseUrlCache
FtpCreateDirectoryA
HttpEndRequestA
HttpQueryInfoA
DeleteUrlCacheEntryA
FtpPutFileA
FtpOpenFileA
DeleteUrlCacheEntryA

perfos

CloseOSObject
CloseOSObject
CloseOSObject
CloseOSObject

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 708KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 243KB - Virtual size: 242KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy