af907b0473be35c26befa68c0e0b3aff2a8f0c37b353753fa82d82b20282e370 | Triage

Submit
Reports

Overview

overview

Static

static

af907b0473...70.exe

windows7-x64

af907b0473...70.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

af907b0473be35c26befa68c0e0b3aff2a8f0c37b353753fa82d82b20282e370.exe

Resource

win7-20220812-en

evasion persistence

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

af907b0473be35c26befa68c0e0b3aff2a8f0c37b353753fa82d82b20282e370.exe

Resource

win10v2004-20220812-en

evasion persistence

windows10-2004-x64

4 signatures

150 seconds

General

Target

af907b0473be35c26befa68c0e0b3aff2a8f0c37b353753fa82d82b20282e370
Size

18KB
MD5

e39ee0e7ffffcce692e92fe025de99b7
SHA1

13135b5007a9a665c5f9a1b84869fbb7b3f0d6bf
SHA256

af907b0473be35c26befa68c0e0b3aff2a8f0c37b353753fa82d82b20282e370
SHA512

956072a1d993768950645b1031adb83470f8c73f6daafab8f26f8f0c1682418d6ec442f44285754421ac1ecc843bdc4b8f57c8654786074099646bb19650c5b4
SSDEEP

192:9Qbo0z0Ex0i2WhSuAMkM4fhSGDqbLo5I+WRlT6Omb5NaT8nIS/mFyngTlQMp+:Obzz9AMG4GOUp0YPPE8n3/mFeklzp+

Score

N/A

Malware Config

Signatures

Files

af907b0473be35c26befa68c0e0b3aff2a8f0c37b353753fa82d82b20282e370
.exe windows x86

83c9f1857026c189edfde8365c0afeae

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLastError
GetModuleHandleA
GetWindowsDirectoryA
ReadFile
Sleep
GetCommandLineA
lstrcatA
lstrcmpA
lstrcpyA
lstrlenA
ExitProcess
CreateMutexA
CreateFileA
CopyFileA
WritePrivateProfileStringA
CloseHandle

user32

GetKeyNameTextA
GetMessageA
GetForegroundWindow
LoadIconA
MessageBoxA
RegisterHotKey
SendMessageA
SetWindowsHookExA
UnhookWindowsHookEx
BeginPaint
CallNextHookEx
DrawIcon
EndDialog
GetWindowTextA
EndPaint

wsock32

inet_addr
inet_ntoa
recv
send
socket
htons
connect
closesocket
WSAStartup
WSACleanup
gethostbyname

advapi32

RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA
RegCloseKey

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy