AFSExplorer[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

AFSExplorer.exe
Size

488KB
MD5

324a5d046b832f8d5f05ab2033bcb06c
SHA1

99e2d11b8db7bfbeb44ecce66afaf52ba1b81b86
SHA256

02a7a9d1025d236866e58f244194e46ea33ff03fac50f8860c8d6e1faaccbea2
SHA512

c760065a4563f8e89e30bb0e6f123ac550bcc50c9584f3def38dc901ef7fbbbd485ac90053fc8d78b8d97faf6b3f9d18541f612229cc1e60a216c3719756f9fd
SSDEEP

12288:JdzSCIKb/yZPYU8n2wbC8hWF70rHEcWDk8b+8zmi495bT72iVTXCXKFKfWh:JbOk8b+8zm71lTXC6oK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
AFSExplorer.exe

Files

AFSExplorer.exe
.exe windows:4 windows x86 arch:x86

c9e84bf0876856b9c99761ae34e59fc1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReleaseSemaphore
GetVersionExA
GetCommandLineA
GetTempFileNameA
GetTempPathA
lstrlenA
SetCurrentDirectoryA
GetCurrentDirectoryA
SetEnvironmentVariableA
RaiseException
SetEndOfFile
GetOEMCP
GetACP
GetCPInfo
GetStringTypeW
GetStringTypeA
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
CreateFileA
SetStdHandle
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
CloseHandle
LCMapStringW
LCMapStringA
MultiByteToWideChar
WideCharToMultiByte
FlushFileBuffers
HeapSize
GetFileType
GetStdHandle
SetHandleCount
IsBadWritePtr
HeapReAlloc
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
ReadFile
SetFilePointer
GetCurrentProcess
TerminateProcess
WriteFile
GetLastError
ExitProcess
GetVersion
GetStartupInfoA
GetModuleHandleA
RtlUnwind
CreateSemaphoreA
CopyFileA
WinExec
lstrcmpA
GetModuleFileNameA
FindClose
RemoveDirectoryA
InterlockedIncrement
InterlockedDecrement
FindFirstFileA
LoadLibraryA
GetProcAddress
FindNextFileA
ResetEvent
InterlockedCompareExchange
SetEvent
FreeLibrary
CreateEventA
CreateThread
WaitForSingleObject
lstrcatA
Sleep
lstrcpyA
GetProcessHeap
HeapAlloc
HeapFree
GetLocalTime
DeleteFileA
UnhandledExceptionFilter
CreateDirectoryA

user32

DefWindowProcA
CreatePopupMenu
CreateWindowExA
LoadIconA
GetDesktopWindow
GetWindowTextA
EnableMenuItem
SetDlgItemTextA
SendDlgItemMessageA
MessageBoxA
GetWindowDC
PostQuitMessage
SendMessageA
AppendMenuA
RegisterClassExA
LoadAcceleratorsA
GetMessageA
DispatchMessageA
TranslateAcceleratorA
ScreenToClient
DeleteMenu
GetSubMenu
GetMenu
LoadBitmapA
CheckMenuItem
GetMenuItemInfoA
GetDlgItem
DialogBoxParamA
SetFocus
InvalidateRect
GetWindowRect
GetClientRect
SetWindowPos
EndDialog
EnableWindow
CheckDlgButton
GetDlgItemTextA
IsDlgButtonChecked
SetWindowTextA
TranslateMessage
GetMenuItemCount
SetForegroundWindow
BringWindowToTop
DestroyWindow
GetDlgItemInt
CheckRadioButton
IsWindowVisible
BeginPaint
FillRect
EndPaint
LoadImageA
LoadCursorA
SetCursor
CreateDialogParamA
ShowWindow
ClientToScreen
DestroyMenu
SetWindowLongA
GetCursorPos
TrackPopupMenuEx
LoadMenuA
SetDlgItemInt

gdi32

GetStockObject
DeleteObject
TextOutA
DeleteDC
BitBlt
StretchBlt
CreateCompatibleDC
LineTo
MoveToEx
GetCurrentObject
CreatePen
CreateCompatibleBitmap
SelectObject
SetTextColor

comdlg32

GetOpenFileNameA
GetSaveFileNameA

comctl32

ImageList_ReplaceIcon
ord6
CreateToolbarEx
InitCommonControlsEx
ord17
ImageList_Destroy
ImageList_Create

shell32

SHGetFileInfoA
DragAcceptFiles
SHBrowseForFolderA
SHGetPathFromIDListA
DragQueryFileA
DragQueryPoint
DragFinish

winmm

PlaySoundA

advapi32

RegDeleteValueA
RegQueryValueExA
RegSetValueExA
RegCreateKeyExA
RegCloseKey

ws2_32

connect
send
recv
WSACreateEvent
WSAEventSelect
WSACloseEvent
setsockopt
WSAStartup
shutdown
socket
bind
getsockname
closesocket
htons
accept
inet_addr
WSACleanup
listen

Sections

.text
Size: 288KB - Virtual size: 287KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 48KB - Virtual size: 482KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 124KB - Virtual size: 121KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c9e84bf0876856b9c99761ae34e59fc1

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

comctl32

shell32

winmm

advapi32

ws2_32

Sections

.text Size: 288KB - Virtual size: 287KB

.rdata Size: 24KB - Virtual size: 20KB

.data Size: 48KB - Virtual size: 482KB

.rsrc Size: 124KB - Virtual size: 121KB

.text
Size: 288KB - Virtual size: 287KB

.rdata
Size: 24KB - Virtual size: 20KB

.data
Size: 48KB - Virtual size: 482KB

.rsrc
Size: 124KB - Virtual size: 121KB