5c35b079cdab560114e97cd7e796aa965e165b9bbe568829d808e97880b1f0be | Triage

Submit
Reports

Overview

overview

Static

static

34 Rhorder...ts.exe

windows7_x64

34 Rhorder...ts.exe

windows10-2004_x64

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

34 Rhorder Pillivuyt-Order Sheets.exe

Resource

win7-20220414-en

agenttesla collection keylogger persistence spyware stealer trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

34 Rhorder Pillivuyt-Order Sheets.exe

Resource

win10v2004-20220414-en

collection persistence spyware stealer

windows10-2004_x64

0 signatures

0 seconds

General

Target

5c35b079cdab560114e97cd7e796aa965e165b9bbe568829d808e97880b1f0be
Size

467KB
MD5

4127410ff98922773a12a423665caf2d
SHA1

185959e1cabf1dc6aaf59415770ccf26cbd67c18
SHA256

5c35b079cdab560114e97cd7e796aa965e165b9bbe568829d808e97880b1f0be
SHA512

200d7344f8f03fef83315472a4263d2c977c92305816b477221e38b18a8f6c8201516fa639d7cc337a5c32e1d7c87c171ad40b39ec147f80e2e3cb6fd9e9ae0f
SSDEEP

12288:Ct7I8BnohEzCfAp82Ix0SkQ3pINVr027dyDIOB3Uj86J:ORnofAOJlpd/dUj3J

Score

N/A

Malware Config

Signatures

Files

5c35b079cdab560114e97cd7e796aa965e165b9bbe568829d808e97880b1f0be
.zip
34 Rhorder Pillivuyt-Order Sheets.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 532KB - Virtual size: 531KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 189KB - Virtual size: 189KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy