6d79ed681cd0c737e5983a44c4b1dd082d11f3eba49e047d5c2228a542c92eab | Triage

Submit
Reports

Overview

overview

Static

static

6d79ed681c...ab.exe

windows7-x64

6d79ed681c...ab.exe

windows10-2004-x64

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

6d79ed681cd0c737e5983a44c4b1dd082d11f3eba49e047d5c2228a542c92eab.exe

Resource

win7-20220901-en

ramnit banker evasion persistence spyware stealer trojan worm

windows7-x64

13 signatures

150 seconds

Behavioral task

behavioral2

Sample

6d79ed681cd0c737e5983a44c4b1dd082d11f3eba49e047d5c2228a542c92eab.exe

Resource

win10v2004-20220901-en

ramnit banker spyware stealer trojan worm

windows10-2004-x64

12 signatures

150 seconds

General

Target

6d79ed681cd0c737e5983a44c4b1dd082d11f3eba49e047d5c2228a542c92eab
Size

120KB
MD5

6a3c31c7edc7f6460f6a7720e3fab1db
SHA1

1ecad291d1d08046c9048475d69dd2332b03be94
SHA256

6d79ed681cd0c737e5983a44c4b1dd082d11f3eba49e047d5c2228a542c92eab
SHA512

e0ef95de6ddbf0ddc1f815f0006bf2aaa1586d2d6aff7e5f7cea85109a813b26b9963876487351b14961f1ae99e7c3c2c335f35dd8e3efaf4a541aa2cb569b86
SSDEEP

3072:mdkoV4I2VK/Jmp6Gb+eCDgb3GmT2Bb5jwaaHw7Koj4rGcalq5:gVR2VK/46GQ8gXg

Score

N/A

Malware Config

Signatures

Files

6d79ed681cd0c737e5983a44c4b1dd082d11f3eba49e047d5c2228a542c92eab
.exe windows x86

a702fbba1b7e44cffd35c538dc6d632a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
LoadLibraryA
CreateFileA
VirtualProtect
GlobalAlloc
VirtualAlloc
GetDateFormatA

msvcrt

_adjust_fdiv
__set_app_type
_except_handler3
__setusermatherr
_initterm
__p__fmode
__p__commode

Sections

.text
Size: 60KB - Virtual size: 188KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsr1
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2024

Terms | Privacy