Trojan-Ransom[.]Win32[.]Agent[.]hsk-22ac59ce5b97ca76099fd8a547440d0cf3a429ececb274a0b8463a08c0e0e42c | Triage

Submit
Reports

Overview

overview

Static

static

Trojan-Ran...nt.exe

windows7-x64

Trojan-Ran...nt.exe

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

Trojan-Ransom.Win32.Agent.exe

Resource

win7-20220812-en

pony collection discovery rat spyware stealer

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

Trojan-Ransom.Win32.Agent.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

Trojan-Ransom.Win32.Agent.hsk-22ac59ce5b97ca76099fd8a547440d0cf3a429ececb274a0b8463a08c0e0e42c
Size

111KB
MD5

b52480d71ee9aae7c15aeff5ec84d372
SHA1

ac6841a9703571f5937988a9d03059a6c1cf4a01
SHA256

22ac59ce5b97ca76099fd8a547440d0cf3a429ececb274a0b8463a08c0e0e42c
SHA512

d87c60c4d19195dd737e2989b2173898eeb00482fc6f3e615d1e422a2e5ff7f33459f1104397f8520595899312895f2bef3293ea62cb78b382e6f02611ceaad0
SSDEEP

3072:b+MFVS5PS6aejh3/wbNCNdiepWgXxZyabC4/JIaN:yM0th3/INpepxryK/e

Score

N/A

Malware Config

Signatures

Files

Trojan-Ransom.Win32.Agent.hsk-22ac59ce5b97ca76099fd8a547440d0cf3a429ececb274a0b8463a08c0e0e42c
.exe windows x86

015362734ebd8009499581312e0d26c9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemTime
FindAtomA
WriteFile
RemoveDirectoryA
GetCommandLineA
GetFileType
FindClose
ResetEvent
CreateMailslotA
SetStdHandle
SetEvent
ExitThread
GetVersion
IsBadCodePtr
SetVolumeLabelW
VirtualProtectEx
GetDriveTypeW
CreateEventA
FindClose
CreateDirectoryA
GetModuleHandleA
WriteConsoleA
HeapFree
RemoveDirectoryA
ReleaseMutex

uxtheme

DrawThemeEdge
IsThemeActive
CloseThemeData
GetThemeRect
GetThemeTextExtent
GetThemeColor
SetWindowTheme
DrawThemeBackground
OpenThemeData
GetWindowTheme
GetThemeTextMetrics
CloseThemeData
GetThemeSysSize

rasmxs

DeviceEnum
DeviceEnum
DeviceEnum
DeviceEnum

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 102KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy