Edit tour
Windows
Analysis Report
AntSword.exe - #U5feb#U6377#U65b9#U5f0f.lnk
Overview
General Information
| Sample Name: | AntSword.exe - #U5feb#U6377#U65b9#U5f0f.lnk |
| Analysis ID: | 796121 |
| MD5: | d32354771cc48a9276d61673e28b8481 |
| SHA1: | 3392046cc9485ef007fef9f5f2871e6319911402 |
| SHA256: | 7914acd017e40a017aa6815c849244871b151bcf05e618b3b2d30c51f26a6eb7 |
Errors
| |
Detection
| Score: | 0 |
| Range: | 0 - 100 |
| Whitelisted: | false |
| Confidence: | 100% |
Signatures
No high impact signatures.
Classification
⊘No configs have been found
⊘No yara matches
⊘No Sigma rule has matched
⊘No Snort rule has matched
Click to jump to signature section
Show All Signature Results
There are no malicious signatures, click here to show all signatures.
| Source: | LNK file: | ||
| Source: | Classification label: | ||
⊘No Mitre Att&ck techniques found
| Source | Detection | Scanner | Label | Link |
|---|---|---|---|---|
| 0% | ReversingLabs |
⊘No Antivirus matches
⊘No Antivirus matches
⊘No Antivirus matches
⊘No Antivirus matches
| Joe Sandbox Version: | 36.0.0 Rainbow Opal |
| Analysis ID: | 796121 |
| Start date and time: | 2023-02-01 16:54:36 +01:00 |
| Joe Sandbox Product: | CloudBasic |
| Overall analysis duration: | 0h 2m 12s |
| Hypervisor based Inspection enabled: | false |
| Report type: | full |
| Cookbook file name: | default.jbs |
| Analysis system description: | Windows 7 x64 SP1 with Office 2010 SP1 (IE 11, FF52, Chrome 57, Adobe Reader DC 15, Flash 25.0.0.127, Java 8 Update 121, .NET 4.6.2) |
| Number of analysed new started processes analysed: | 1 |
| Number of new started drivers analysed: | 0 |
| Number of existing processes analysed: | 0 |
| Number of existing drivers analysed: | 0 |
| Number of injected processes analysed: | 0 |
| Technologies: |
|
| Analysis Mode: | default |
| Analysis stop reason: | Timeout |
| Sample file name: | AntSword.exe - #U5feb#U6377#U65b9#U5f0f.lnk |
| Detection: | UNKNOWN |
| Classification: | unknown0.winLNK@0/0@0/0 |
| Cookbook Comments: |
|
- No process behavior to analyse as no analysis process or sample was found
- Corrupt sample or wrongly selected analyzer. Details: C0000001
- Exclude process from analysis (whitelisted): dllhost.exe
- VT rate limit hit for: AntSword.exe - #U5feb#U6377#U65b9#U5f0f.lnk
⊘No simulations
⊘No created / dropped files found
| File type: | |
| Entropy (8bit): | 4.242735360021169 |
| TrID: |
|
| File name: | AntSword.exe - #U5feb#U6377#U65b9#U5f0f.lnk |
| File size: | 1933 |
| MD5: | d32354771cc48a9276d61673e28b8481 |
| SHA1: | 3392046cc9485ef007fef9f5f2871e6319911402 |
| SHA256: | 7914acd017e40a017aa6815c849244871b151bcf05e618b3b2d30c51f26a6eb7 |
| SHA512: | 81d4fbc223e5a6e22556dbc10dc92f546d42e9a1330c55c820d2013ba01981fb44eaac6f69fdf99c8dd08d113f4e2927effeab88a50186951edee3c66e010c35 |
| SSDEEP: | 24:8+vffVyMzoKP4xt2Rp7YAJyAwCmdm5//tGXQGxiSfEpCRXm:8iffzTP4xt2H7BNmdmltGX7izpCRXm |
| TLSH: | B84101150FF30B1AF28EA7310AB0F00099703983E551CFCC9A98AB1D6D75B09A8B4F27 |
| File Content Preview: | L..................F.... ....0.Y.....0.Y.....0.Y............................[....P.O. .:i.....+00.../C:\...................P.1.....mT!1..tools.<.......mT.1mT!1.....m....................39#.t.o.o.l.s.....Z.1.....mTZ1..AntSword..B.......mT.1mTZ1.....m...... |
 | |
| Icon Hash: | aab2e3e38383a919 |
General | |
|---|---|
| Relative Path: | ..\..\..\tools\AntSword\AntSword-Loader-v4.0.3-win32-x64\AntSword-Loader-v4.0.3-win32-x64\AntSword.exe |
| Command Line Argument: | |
| Icon location: | |
Key Decision
Richest Path
Thread / callback creation
Lower opacity -> Library NodeReport size exceeds maximum size, go to the download page of this report and download PCAP to see all network behavior.
⊘No statistics
⊘No system behavior
⊘No disassembly