602b8bbf6a25512b56196f003df4ea2b31d54e99d57c3c498e093960e9863780 | Triage

Submit
Reports

Overview

overview

Static

static

602b8bbf6a...80.exe

windows7-x64

602b8bbf6a...80.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

602b8bbf6a25512b56196f003df4ea2b31d54e99d57c3c498e093960e9863780.exe

Resource

win7-20220901-en

ramnit banker evasion persistence spyware stealer trojan worm

windows7-x64

18 signatures

150 seconds

Behavioral task

behavioral2

Sample

602b8bbf6a25512b56196f003df4ea2b31d54e99d57c3c498e093960e9863780.exe

Resource

win10v2004-20220812-en

ramnit banker evasion spyware stealer trojan worm

windows10-2004-x64

19 signatures

150 seconds

General

Target

602b8bbf6a25512b56196f003df4ea2b31d54e99d57c3c498e093960e9863780
Size

137KB
MD5

530d2eb431f4f19f04407810ba0d55a0
SHA1

fb1047539ededa8b1241fc8449b2415535ebed27
SHA256

602b8bbf6a25512b56196f003df4ea2b31d54e99d57c3c498e093960e9863780
SHA512

a0e09c78020322c74c721304c2cec98afa4bd9dece48be27889a58ee18c3a90506b0c1defc0530828238d0cb2156ed4da45aa940da898e6e7329abf61a65e37b
SSDEEP

3072:bj3D3qub7rLfv5M1d2XhzxmtcPhRuGk8C:P3Ge7/fhM1ehzxtJNx

Score

N/A

Malware Config

Signatures

Files

602b8bbf6a25512b56196f003df4ea2b31d54e99d57c3c498e093960e9863780
.exe windows x86

546a0a72c1ba570ce9f5a7191f92311c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
LoadLibraryA
GlobalCompact
GetBinaryTypeW

wtsapi32

WTSQueryUserToken
WTSEnumerateSessionsA
WTSOpenServerA
WTSCloseServer

mpr

WNetGetUserA
WNetGetUniversalNameA
WNetGetConnectionA

Sections

.text
Size: - Virtual size: 136KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 71KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 19KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy