donut[.]exe | Triage

Submit
Reports

Overview

overview

Static

static

donut.exe

windows7-x64

donut.exe

windows10-2004-x64

Resubmissions

23-11-2022 10:29

221123-mh8h9seb73 10

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

donut.exe

Resource

win7-20220901-en

persistence ransomware spyware stealer

windows7-x64

15 signatures

150 seconds

Behavioral task

behavioral2

Sample

donut.exe

Resource

win10v2004-20221111-en

windows10-2004-x64

3 signatures

150 seconds

General

Target

donut.exe
Size

164KB
MD5

a8b3b71860ca65a9e5e56fa3e27cd92b
SHA1

8a5bd8bf26eceaa7adff6e59227646155d220f3e
SHA256

9455b7fcf93f0a5a6f9c099fbe938f5a9169f8d3dcc83833aa2c0f903518cfa3
SHA512

3837c22458c845b4f05596583f98c8c20ec0424fb46dec39ec11e434b966a6e125c1b1e330e4bdd4921f8a21aeb229f76ba720f8d40af141b737e38fb0e2a65a
SSDEEP

1536:mW3XOHHUyrdRpnIsMRgE8Kl70w+ipXEI2W/GxHt/nyaY6uJvtrk3GwzRa0SOO+8W:meXIvxRzMnlQiP29N/yQGwztfO+xV

Score

N/A

Malware Config

Signatures

Files

donut.exe
.exe windows x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.text
Size: 151KB - Virtual size: 151KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 456B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 60B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy