Trojan-Ransom[.]Win32[.]Agent[.]hsf-6d1201788078ef21463b11c17706e2b8cd444c89b636816816006c430e45200e | Triage

Submit
Reports

Overview

overview

5

Static

static

Trojan-Ran...nt.exe

windows7-x64

5

Trojan-Ran...nt.exe

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

Trojan-Ransom.Win32.Agent.exe

Resource

win7-20220812-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral2

Sample

Trojan-Ransom.Win32.Agent.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

Trojan-Ransom.Win32.Agent.hsf-6d1201788078ef21463b11c17706e2b8cd444c89b636816816006c430e45200e
Size

56KB
MD5

b953af8c8317b3794358ab85685033c0
SHA1

6608f8308bf69a0ca0a88bd38e700b652dbdbc5e
SHA256

6d1201788078ef21463b11c17706e2b8cd444c89b636816816006c430e45200e
SHA512

20cbe93f6eeb06162ea8e4c03570dea88ba4b66433a1295af7813d0ad639578e8b9b8e41653f42c7afa2738bd8f0cdc4a715f26e200db7307db1384e9e10bdd1
SSDEEP

1536:pl3Mh/mW+0sBGjrzs9kHo5pIViUubBSjKbL:pJMhNDv4HKdoBS2

Score

N/A

Malware Config

Signatures

Files

Trojan-Ransom.Win32.Agent.hsf-6d1201788078ef21463b11c17706e2b8cd444c89b636816816006c430e45200e
.exe windows x86

d8eb3ce0820020447284590da561f57c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapFree
GetFileType
GetDriveTypeW
WriteFile
VirtualProtectEx
FindAtomA
CreateSemaphoreW
ExitThread
CreatePipe
FindClose
GetVersion
FindClose
RemoveDirectoryA
SetStdHandle
CreateDirectoryA
ReleaseMutex
IsBadWritePtr
GetModuleHandleA
GetSystemTime
ResetEvent
RemoveDirectoryA
WriteConsoleA
SetVolumeLabelA
SetEvent
GetCommandLineA

uxtheme

GetThemeColor
GetThemeRect
DrawThemeEdge
GetWindowTheme
CloseThemeData
CloseThemeData
SetWindowTheme
GetThemeTextMetrics
GetThemeTextExtent
OpenThemeData
DrawThemeBackground
IsThemeActive
GetThemeSysSize

pstorsvc

Start
Start
Start
Start

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 47KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy