Trojan-Ransom[.]Win32[.]Agent[.]hsf-ff3c6ed09f032f26da9825d220ab05901d10d41c79c949125463782300bd809d | Triage

Submit
Reports

Overview

overview

3

Static

static

Trojan-Ran...nt.exe

windows7-x64

3

Trojan-Ran...nt.exe

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

Trojan-Ransom.Win32.Agent.exe

Resource

win7-20220812-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral2

Sample

Trojan-Ransom.Win32.Agent.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

Trojan-Ransom.Win32.Agent.hsf-ff3c6ed09f032f26da9825d220ab05901d10d41c79c949125463782300bd809d
Size

87KB
MD5

c9deef3a098e43b4749fa0f0492eb383
SHA1

89117dbc094fe2b8ee4c951c36bf19890ecfe863
SHA256

ff3c6ed09f032f26da9825d220ab05901d10d41c79c949125463782300bd809d
SHA512

d1bdc6c1a2b4a4e4116fbf9d252a96dc7d4763c3841822ddbe6d8a74ae394c8708a620df871ae2b84408b5b6900c22c2ed4fb7c15b3396026d841e1475b65d9f
SSDEEP

1536:dldhezkMgHPEFprYi4RvrRVwGcz6WuVSymtyTFDQQ+rmbhlGlKWp8:dLKkMgvkdf4R1Svz6WfnYFmrmbhS8

Score

N/A

Malware Config

Signatures

Files

Trojan-Ransom.Win32.Agent.hsf-ff3c6ed09f032f26da9825d220ab05901d10d41c79c949125463782300bd809d
.exe windows x86

6e9da68632d670eb23b87a541a0d5496

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

RemoveDirectoryA
RemoveDirectoryA
GetVersion
GetModuleHandleA
FindClose
GetDriveTypeW
WriteConsoleA
GetCommandLineA
SetVolumeLabelA
ExitThread
HeapFree
CreatePipe
WriteFile
VirtualProtectEx
ReleaseMutex
CreateDirectoryA
ResetEvent
FindAtomA
SetStdHandle
FindClose
IsBadWritePtr
GetSystemTime
GetFileType
SetEvent
CreateSemaphoreW

uxtheme

GetThemeTextMetrics
SetWindowTheme
GetThemeSysSize
CloseThemeData
OpenThemeData
DrawThemeBackground
GetThemeTextExtent
GetWindowTheme
IsThemeActive
GetThemeRect
DrawThemeEdge
GetThemeColor
CloseThemeData

pstorsvc

Start
Start
Start
Start

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 102KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy