Trojan-Ransom[.]Win32[.]Agent[.]hsk-0af8c214655dad73fc69dff24c903d2845838d908ca52e84c054f23300da0297 | Triage

Submit
Reports

Overview

overview

Static

static

Trojan-Ran...nt.exe

windows7-x64

Trojan-Ran...nt.exe

windows10-2004-x64

1

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

Trojan-Ransom.Win32.Agent.exe

Resource

win7-20220812-en

pony collection discovery rat spyware stealer

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

Trojan-Ransom.Win32.Agent.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

Trojan-Ransom.Win32.Agent.hsk-0af8c214655dad73fc69dff24c903d2845838d908ca52e84c054f23300da0297
Size

111KB
MD5

a18472344f4cd15da2a7880dbb62e14d
SHA1

931cf8f219215b5695570c2aa6e411ffccf5aa65
SHA256

0af8c214655dad73fc69dff24c903d2845838d908ca52e84c054f23300da0297
SHA512

bffe2e1cfeb63d658f7e620504b3ee88430578958d5f230384c13286647974523d2978e5bd6105c2fe500827c7377bf826d895a33ff9175190e4dbed5efbf748
SSDEEP

3072:pNX+fXO7TBhwiio+YiPyeyMai2GAY9NqXZg:rX+fe7Hw63iq/MarVyNV

Score

N/A

Malware Config

Signatures

Files

Trojan-Ransom.Win32.Agent.hsk-0af8c214655dad73fc69dff24c903d2845838d908ca52e84c054f23300da0297
.exe windows x86

79dbdc84b67baa8c4aa7490c02ef39e3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

RemoveDirectoryA
FindClose
GetVersion
SetEvent
GetFileType
ResetEvent
RemoveDirectoryA
GetCommandLineA
HeapFree
ReleaseMutex
WriteConsoleA
SetVolumeLabelW
CreateMailslotA
FindClose
FindAtomA
CreateDirectoryA
SetStdHandle
GetModuleHandleA
GetSystemTime
GetDriveTypeW
ExitThread
IsBadCodePtr
WriteFile
CreateEventA
VirtualProtectEx

uxtheme

SetWindowTheme
GetThemeTextExtent
GetThemeColor
IsThemeActive
DrawThemeBackground
OpenThemeData
GetThemeSysSize
GetThemeRect
DrawThemeEdge
CloseThemeData
GetThemeTextMetrics
CloseThemeData
GetWindowTheme

rasmxs

DeviceEnum
DeviceEnum
DeviceEnum
DeviceEnum

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 102KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy