Dropped Files

Name e2ab20947faaaa3b_rifaien2-8unazgumkyfkowoa.exe
Download Submit file
Filepath C:\Users\Administrator\AppData\Local\Temp\rifaien2-8UNaZguMkYfKOwOA.exe
Size 236.0KB
Processes 3032 (87c3977c1cc5bf488ec02c250c9d1a3e25520635ca2a6150763704d763ee234d.exe)
Type PE32 executable (console) Intel 80386 (stripped to external PDB), for MS Windows, UPX compressed
MD5 3be7a3ba936d59e7c005ae6a45f60810
SHA1 cb256f40ba2712ef4e0982ed5082c92eec2dd016
SHA256 e2ab20947faaaa3b96236a4026db560be8aa6f47ce351be005dedad97da2c37f
CRC32 E8E832F9
ssdeep None
Yara
  • UPX - (no description)
  • suspicious_packer_section - The packer/protector section names/keywords
  • network_tcp_listen - Listen for incoming communication
  • network_tcp_socket - Communications over RAW socket
  • network_dns - Communications use DNS
VirusTotal Search for analysis
Cuckoo

We're processing your submission... This could take a few seconds.