b94cd58d33d8f53de91594645dcb542f821bd15aa307763124f72558ad086d1a | Triage

Submit
Reports

Overview

overview

Static

static

b94cd58d33...1a.exe

windows7-x64

b94cd58d33...1a.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

b94cd58d33d8f53de91594645dcb542f821bd15aa307763124f72558ad086d1a.exe

Resource

win7-20220812-en

ramnit adware banker discovery spyware stealer trojan upx worm

windows7-x64

14 signatures

150 seconds

Behavioral task

behavioral2

Sample

b94cd58d33d8f53de91594645dcb542f821bd15aa307763124f72558ad086d1a.exe

Resource

win10v2004-20220812-en

adware discovery stealer upx

windows10-2004-x64

10 signatures

150 seconds

General

Target

b94cd58d33d8f53de91594645dcb542f821bd15aa307763124f72558ad086d1a
Size

580KB
MD5

a2c1940cef9649b3833d37b69d9305e0
SHA1

a03340b198755751ce733134afefefd46b77ba0d
SHA256

b94cd58d33d8f53de91594645dcb542f821bd15aa307763124f72558ad086d1a
SHA512

bfc5302303b3fb65333b6c0fedf29c4ac6b6a5f9ce51cd8b40e9206bc4eaae565732115cab642fc1c012846230fc04dc78750413cf54d5ae16f6bd133136d78c
SSDEEP

12288:ITOAkRj7IqoRHaxYmzzxrFdLh/20lRSgiWt1HhJMWKD:I6AkRjyaxYmdxdLxtJt1BJMb

Score

N/A

Malware Config

Signatures

Files

b94cd58d33d8f53de91594645dcb542f821bd15aa307763124f72558ad086d1a
.exe windows x86

aac60df60ca85a65dc1aa5d99d8cccdd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateDirectoryA
lstrlenA
GetTempPathA
RemoveDirectoryA
SetCurrentDirectoryA
EnumResourceNamesA
GetUserDefaultLangID
WriteFile
CreateFileA
LockResource
LoadResource
SizeofResource
FindResourceA
GetExitCodeProcess
WaitForSingleObject
CloseHandle
CreateProcessA
GetPriorityClass
GetCurrentProcess
GetCommandLineA
lstrcmpiA
DeleteFileA
SetFileAttributesA
lstrcatA
GetStartupInfoA
ExitProcess
GetModuleHandleA

user32

CharNextA
wsprintfA

Sections

.text
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 906B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 64B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 456KB - Virtual size: 452KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 108KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy