af5429896261027ae6a840e9b94d79a4247dee7e85ea9486ca64eb6822c4ea86 | Triage

Submit
Reports

Overview

overview

3

Static

static

af54298962...86.exe

windows7-x64

1

af54298962...86.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

af5429896261027ae6a840e9b94d79a4247dee7e85ea9486ca64eb6822c4ea86.exe

Resource

win7-20220812-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

af5429896261027ae6a840e9b94d79a4247dee7e85ea9486ca64eb6822c4ea86.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

af5429896261027ae6a840e9b94d79a4247dee7e85ea9486ca64eb6822c4ea86
Size

9KB
MD5

ae2ef8166575fecb19762da32728f3ca
SHA1

dfb2d1b7f4d9db51193d8931c53e1d20c1767509
SHA256

af5429896261027ae6a840e9b94d79a4247dee7e85ea9486ca64eb6822c4ea86
SHA512

0b4df8dbb8fbab4cebf903a0ce58bdc4d490afe3277f98bfc04b7cf1e317e6161f00e86af02c8d94c0da12b0625ed5cf227c04153b4cd7344ca041defb282bf8
SSDEEP

192:lWko+a6wNMhPJeoXG4ZtG0MMnNannFjx4vZekAzmWT1b:sko+8NMhPJekGWbMKan+ZekA1b

Score

N/A

Malware Config

Signatures

Files

af5429896261027ae6a840e9b94d79a4247dee7e85ea9486ca64eb6822c4ea86
.exe windows x86

00f1e91c21530aca79644a822a098794

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CreateStreamOnHGlobal

kernel32

WriteFile
GetLastError
CloseHandle
CreateFileA
CreateFileMappingA
CreateThread
ExitProcess
GetCurrentProcess
lstrlenA
lstrcpyA
lstrcatA
GetModuleFileNameA
UnmapViewOfFile
Sleep
ReadFile
MapViewOfFile
LocalFree
LocalAlloc
LoadLibraryA
GlobalFree
GlobalAlloc
GetProcAddress
GetFileSize

oleaut32

SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayCreateVector

advapi32

RegOpenKeyA
LookupPrivilegeValueA
RegSetValueExA
RegQueryValueExA
RegOpenKeyExA
AdjustTokenPrivileges
RegEnumValueA
RegCloseKey
OpenProcessToken

shlwapi

StrStrIA

wsock32

socket
shutdown
send
select
recv
listen
htons
htonl
getsockname
gethostname
gethostbyname
connect
closesocket
bind
accept
__WSAFDIsSet
WSAStartup
WSACleanup

Sections

Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 1KB - Virtual size: 148KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.nah
Size: 183B - Virtual size: 256B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy