af5f6f001906ffa1e6ff36f018bff3cccb3fae3d1ecfe97d7d36c727dfceefee | Triage

Submit
Reports

Overview

overview

8

Static

static

af5f6f0019...ee.exe

windows7-x64

8

af5f6f0019...ee.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

af5f6f001906ffa1e6ff36f018bff3cccb3fae3d1ecfe97d7d36c727dfceefee.exe

Resource

win7-20220812-en

discovery persistence upx

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral2

Sample

af5f6f001906ffa1e6ff36f018bff3cccb3fae3d1ecfe97d7d36c727dfceefee.exe

Resource

win10v2004-20220901-en

windows10-2004-x64

2 signatures

150 seconds

General

Target

af5f6f001906ffa1e6ff36f018bff3cccb3fae3d1ecfe97d7d36c727dfceefee
Size

768KB
MD5

a32bdcd14f49a5c98ad5e17c2025e789
SHA1

65fc9676eeeaf1a255621745ea4b0420388b9c90
SHA256

af5f6f001906ffa1e6ff36f018bff3cccb3fae3d1ecfe97d7d36c727dfceefee
SHA512

d9ab413c6ba9ec8a663f1d1c1ba507f6746510a34d1f9d80de0d501a4be6de2c39fbfb5089ff716863519e1e512d8bc651db138a5864bee3d739e0389b3990c4
SSDEEP

12288:sifNSbY12eIVxAUaZbE0E7pY9A7kP2Y6uYJfny1RMMUdu5wN7wDAZIH8U:Mb7eIVOUaZb9E7yS7+zEyKMU0Q7w7

Score

N/A

Malware Config

Signatures

Files

af5f6f001906ffa1e6ff36f018bff3cccb3fae3d1ecfe97d7d36c727dfceefee
.exe windows x86

1edc3f90f01d4916f17920c113e4b6f2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetLastError
SetLastError
lstrlenA
GetFileAttributesA
GetProcessHeap
ReadConsoleW
CreateSemaphoreA
SetEvent
LoadLibraryA
GetLocalTime
GetTickCount
GetStartupInfoA
VirtualProtectEx
CloseHandle
CreateDirectoryW
CreateMutexA
DeleteFileW
GlobalFree
CreateHardLinkW
Sleep
HeapSize

rsaenh

DllUnregisterServer
DllUnregisterServer
DllUnregisterServer
DllUnregisterServer
DllUnregisterServer
DllUnregisterServer
DllUnregisterServer
DllUnregisterServer
DllUnregisterServer
DllUnregisterServer
DllUnregisterServer
DllUnregisterServer
DllUnregisterServer

traffic

TcAddFlow
TcAddFilter
TcDeleteFlow
TcDeleteFilter

Sections

.text
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 760KB - Virtual size: 2.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy