857e74e1e58a6257061698caa586da1ec13df098fd6b6f9a8d5f9e6066ccbebe | Triage

Submit
Reports

Overview

overview

8

Static

static

857e74e1e5...be.exe

windows7-x64

8

857e74e1e5...be.exe

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

857e74e1e58a6257061698caa586da1ec13df098fd6b6f9a8d5f9e6066ccbebe.exe

Resource

win7-20220812-en

discovery persistence

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

857e74e1e58a6257061698caa586da1ec13df098fd6b6f9a8d5f9e6066ccbebe.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

857e74e1e58a6257061698caa586da1ec13df098fd6b6f9a8d5f9e6066ccbebe
Size

181KB
MD5

4f80830f8c283126038daa75c34beea7
SHA1

ad56a8eac5234c882d78fa1154282a7837de10fe
SHA256

857e74e1e58a6257061698caa586da1ec13df098fd6b6f9a8d5f9e6066ccbebe
SHA512

5aa16521740837eb8dc639d6e9fee1bcde0f957e38e66c91cd3db47513fe24e9175ea5ed1ca959dc9e64cc0a18ff4eb6a901f81b034030fa4be209f535d049b4
SSDEEP

3072:B76vfiWy/hoZWrUqYhL3Wu6lMk/NY7l3lmZ5mSe3TmdmIykVn2lJtqch:JfhoZWoqYhL3Hhk/Nuli5ViTC2lJf

Score

N/A

Malware Config

Signatures

Files

857e74e1e58a6257061698caa586da1ec13df098fd6b6f9a8d5f9e6066ccbebe
.exe windows x86

ca149e64fd3e0f4146aadcf98a1c353f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetActiveWindow

kernel32

GetTickCount

Exports

Exports

��rainAgency@@00GPAUHINSTANCE__@@U_COMMPROP@@;F
?TrainEraser@@00GPAUHINSTANCE__@@U_COMMPROP@@;F
?TrainForward@@00GPAUHINSTANCE__@@U_COMMPROP@@;F
?TrainMove@@00GPAUHINSTANCE__@@U_COMMPROP@@;F
?TrainSimulator@@00GPAUHINSTANCE__@@U_COMMPROP@@;F

Sections

.text
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 203KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.itext
Size: 512B - Virtual size: 377B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 512B - Virtual size: 136B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 116KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy