1af020031ff7cf1742fc4b94f642f338385ff15f27dd2057c86a61cde986b703 | Triage

Submit
Reports

Overview

overview

Static

static

1af020031f...03.exe

windows7-x64

1af020031f...03.exe

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

1af020031ff7cf1742fc4b94f642f338385ff15f27dd2057c86a61cde986b703.exe

Resource

win7-20220901-en

persistence spyware stealer upx

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

1af020031ff7cf1742fc4b94f642f338385ff15f27dd2057c86a61cde986b703.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

1af020031ff7cf1742fc4b94f642f338385ff15f27dd2057c86a61cde986b703
Size

134KB
MD5

78ce241bed412216b01f2909c389891c
SHA1

778ed258a6a61ee9d8dfbd5d761a2edd84b530d1
SHA256

1af020031ff7cf1742fc4b94f642f338385ff15f27dd2057c86a61cde986b703
SHA512

f5cba3cf4b5d20d52494b48cb9ad30efa19f54e0be928e20cb553f215ecb5aa34de5fd043b1d6a5171a50fa295e633fd15040de4d690898c16553fba3dc3c357
SSDEEP

3072:i3paKKcUzKbASD+kH7ucBXofd3+VDFuaqHTwFCJwBKWn3Owo:i3/tUzoH+kbu+shw5fCJwXOd

Score

N/A

Malware Config

Signatures

Files

1af020031ff7cf1742fc4b94f642f338385ff15f27dd2057c86a61cde986b703
.exe windows x86

b63c23ee4246af6ac036eab457c9383e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegSetValueExW
RegCloseKey
RegOpenKeyExW
RegQueryValueExW

user32

EnumDisplaySettingsW

shell32

ShellExecuteW

kernel32

IsDebuggerPresent
TerminateThread
UnhandledExceptionFilter
TerminateProcess
InterlockedExchange
CreateIoCompletionPort
SetUnhandledExceptionFilter
Sleep
EnumResourceNamesW
GetSystemTimeAsFileTime
InterlockedCompareExchange
GetCurrentProcessId
ExitProcess
GetTickCount
GetCurrentThreadId
QueryPerformanceCounter
GetStartupInfoW
GetCurrentProcess

comctl32

InitCommonControlsEx

clusapi

CloseCluster

Sections

.text
Size: 92KB - Virtual size: 92KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 1012B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 39KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rscr
Size: 512B - Virtual size: 352KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy