f096700bf24046ee63031adff15eadb1c3a4e6a2801e3169ea7b2f718fc18c63 | Triage

Submit
Reports

Overview

overview

Static

static

f096700bf2...63.dll

windows7-x64

f096700bf2...63.dll

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

f096700bf24046ee63031adff15eadb1c3a4e6a2801e3169ea7b2f718fc18c63.dll

Resource

win7-20220812-en

ramnit banker spyware stealer trojan upx worm

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

f096700bf24046ee63031adff15eadb1c3a4e6a2801e3169ea7b2f718fc18c63.dll

Resource

win10v2004-20220812-en

ramnit banker spyware stealer trojan upx worm

windows10-2004-x64

7 signatures

150 seconds

General

Target

f096700bf24046ee63031adff15eadb1c3a4e6a2801e3169ea7b2f718fc18c63
Size

128KB
MD5

a0e5b0cd7a08fa22fb9b7185f4b10280
SHA1

456b4c05ddac228edfa819f01e6f01e7f157d3e4
SHA256

f096700bf24046ee63031adff15eadb1c3a4e6a2801e3169ea7b2f718fc18c63
SHA512

cb993ea4cc34cf69281808296f412e48cc86d30d9ed321763d22bbb845496f9daa5e8f6ab328335271ed735d71163956e7c194c92547ad3cc13571c72444fa09
SSDEEP

3072:Bv/4O1i+QYJl64/CQ91+OZuCaWBPejw7n18b6/EPoDfJ9vqw:B4O1i+ppx+OlFBWjwz1bsPoLh

Score

N/A

Malware Config

Signatures

Files

f096700bf24046ee63031adff15eadb1c3a4e6a2801e3169ea7b2f718fc18c63
.dll windows x86

749d12d2707eeda106dd6cec877463ef

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcr90

_adjust_fdiv
__CppXcptFilter
?terminate@@YAXXZ
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_amsg_exit
__clean_type_info_names_internal
_unlock
__dllonexit
_lock
_onexit
_except_handler4_common
_initterm_e
_initterm
_decode_pointer
_encoded_null
free
_malloc_crt
_encode_pointer
??2@YAPAXI@Z
_crt_debugger_hook
??3@YAXPAX@Z

kernel32

GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
Sleep
InterlockedExchange
GetSystemTimeAsFileTime

Exports

Exports

CanUnload
RMACreateInstance

Sections

.text
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 108KB - Virtual size: 112KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy