af428e1d1dcf678d8a8827aa8cfc59f666be609e439021ed99f4eef774d9536d | Triage

Submit
Reports

Overview

overview

8

Static

static

af428e1d1d...6d.exe

windows7-x64

8

af428e1d1d...6d.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

af428e1d1dcf678d8a8827aa8cfc59f666be609e439021ed99f4eef774d9536d.exe

Resource

win7-20221111-en

spyware stealer upx

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral2

Sample

af428e1d1dcf678d8a8827aa8cfc59f666be609e439021ed99f4eef774d9536d.exe

Resource

win10v2004-20221111-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

af428e1d1dcf678d8a8827aa8cfc59f666be609e439021ed99f4eef774d9536d
Size

180KB
MD5

8ba785e58f986ea523ba6d8771255e41
SHA1

c8582ffa64251633a4a6e14d970d1c45e8bc6976
SHA256

af428e1d1dcf678d8a8827aa8cfc59f666be609e439021ed99f4eef774d9536d
SHA512

296a439c57a84afb8b832d9fb047163ffcad89dd2cd4fb118363aba3465aed786302bb430bde5eefe6e8b9c3ee9e619a20669c724b422b590827ae15eb69006f
SSDEEP

3072:wfU1IxU4xOl7YYVghi4BP5C0LVDoJlpkxAkjM+pgFl1B:gxR8s9BM0yJlpkxVjM+6T

Score

N/A

Malware Config

Signatures

Files

af428e1d1dcf678d8a8827aa8cfc59f666be609e439021ed99f4eef774d9536d
.exe windows x86

ea3a89d4738da4a575c2ed98469c3146

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathSkipRootW
SHRegGetValueW
StrDupW
PathIsUNCW
PathGetArgsW
PathFindFileNameW

kernel32

GetCalendarInfoW
GetCurrentProcess
LocalAlloc
GetCurrentDirectoryW
GetFileInformationByHandle
SearchPathW
VirtualQuery
OutputDebugStringA
lstrlenW
LocalFree
GetModuleHandleW
GetProcessId
DuplicateHandle
MultiByteToWideChar
OutputDebugStringW
ExitProcess
GetLastError
GetProcAddress
lstrcmpiW
EnumResourceNamesA
GetFileAttributesW
VirtualProtect
GetModuleFileNameW
FreeLibrary
InitializeCriticalSection
GetCurrentThreadId
GetModuleHandleA
InterlockedExchange
CreateDirectoryW
WideCharToMultiByte
SetEnvironmentVariableW
SetLastError
Sleep

gdiplus

GdipGetImageWidth
GdipDisposeImage

ole32

CoGetDefaultContext
CoInitialize
CoUninitialize
StringFromGUID2
CoTaskMemAlloc
CoTaskMemFree

Sections

.text
Size: 103KB - Virtual size: 103KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 73KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 240KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy