Trojan-Ransom[.]Win32[.]Agent[.]hsf-5d89915eda0c7d9f5823c9f9553508f24584a2142ff1ab91c212123d31d94e43 | Triage

Submit
Reports

Overview

overview

Static

static

Trojan-Ran...nt.exe

windows7-x64

Trojan-Ran...nt.exe

windows10-2004-x64

1

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

Trojan-Ransom.Win32.Agent.exe

Resource

win7-20220812-en

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral2

Sample

Trojan-Ransom.Win32.Agent.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

Trojan-Ransom.Win32.Agent.hsf-5d89915eda0c7d9f5823c9f9553508f24584a2142ff1ab91c212123d31d94e43
Size

56KB
MD5

f4876d39b95710c92f319b8eecb2d161
SHA1

8273cc5a3470833f30ce2abc036b68e2db083a45
SHA256

5d89915eda0c7d9f5823c9f9553508f24584a2142ff1ab91c212123d31d94e43
SHA512

7caafcd89db691ccf6896933f0b8ec96d8754a939ef308ca436ce13025dc1e0a5fde87f6c349804e9967e28df39236201610c4e6f405960dc107922f25d71d95
SSDEEP

768:Fou4PkiESjyELC0FArXX+3DwvCT3IgxoDnLcPpaqiKuzy6rb7TzV1QafqURHjtAl:FFSuEVUg23cPparW6rb73XQaSQjY

Score

N/A

Malware Config

Signatures

Files

Trojan-Ransom.Win32.Agent.hsf-5d89915eda0c7d9f5823c9f9553508f24584a2142ff1ab91c212123d31d94e43
.exe windows x86

4241b0b49e6c1e86606bdec671ec5b36

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReleaseMutex
FindClose
GetFileType
IsBadCodePtr
GetSystemTime
SetVolumeLabelW
SetStdHandle
GetVersion
HeapFree
ResetEvent
WriteConsoleA
GetCommandLineA
FindClose
RemoveDirectoryA
RemoveDirectoryA
CreateMailslotA
CreateSemaphoreW
FindAtomA
WriteFile
GetModuleHandleA
GetDriveTypeW
CreateDirectoryA
VirtualProtectEx
ExitThread
SetEvent

uxtheme

OpenThemeData
DrawThemeBackground
IsThemeActive
GetThemeTextMetrics
DrawThemeEdge
CloseThemeData
GetThemeTextExtent
GetThemeRect
GetThemeColor
SetWindowTheme
CloseThemeData
GetThemeSysSize
GetWindowTheme

pstorsvc

Start
Start
Start
Start

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 47KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy