ramest[.]dll | Triage

Submit
Reports

Overview

overview

Static

static

ramest.dll

windows7_x64

ramest.dll

windows10-2004_x64

9

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

ramest.dll

Resource

win7-20220414-en

bumblebee 0905r evasion trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

ramest.dll

Resource

win10v2004-20220414-en

windows10-2004_x64

0 signatures

0 seconds

General

Target

ramest.dll
Size

1.3MB
MD5

485b65ea3f28d1cd17cd4339662e048a
SHA1

13da23476ed7c8211fa49380176eabb17c1a9408
SHA256

4c9ffef418385fdd0aa0e6ea1c0e29f3a7a4af51fbcfd011d0797d6e62c8ccfe
SHA512

5a7ec093b452a26755b5a64b5606a9ae05710199a23d63cdde571d5c00a80efd8646d35c5775a8234f155ee011ef8c3a12a3c64669525d6397f200d5fef961f0
SSDEEP

24576:ZdyqGb318EyKM8V/kQe2SvRjRlOeDE20qu03dw21HKE4m6SlT0NxhPivyie9tXLJ:vyqg2x3ih

Score

N/A

Malware Config

Signatures

Files

ramest.dll
.dll windows x64

66356a654249c4824378b1a70e7cc1e5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

CreateFileA
DeleteFileA
LockFile
UnlockFile
WriteFile
CloseHandle
GetLastError
HeapAlloc
HeapFree
GetProcessHeap
ExitProcess
CreateThread
GetCurrentThreadId
GetModuleFileNameA
SwitchToFiber
DeleteFiber
CreateFiber
ConvertThreadToFiber
CreateFileMappingA
GetCurrentActCtx

Exports

Exports

SjVjlixjPb

Sections

.text
Size: 46KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 902KB - Virtual size: 901KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 410KB - Virtual size: 410KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1024B - Virtual size: 576B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy