40afb21f6ed9dddc96b211bd936f22e4c8fe941babf37d6159178d29d490be69 | Triage

Submit
Reports

Overview

overview

Static

static

40afb21f6e...69.exe

windows7-x64

40afb21f6e...69.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

40afb21f6ed9dddc96b211bd936f22e4c8fe941babf37d6159178d29d490be69.exe

Resource

win7-20221111-en

ramnit banker evasion persistence spyware stealer trojan worm

windows7-x64

18 signatures

150 seconds

Behavioral task

behavioral2

Sample

40afb21f6ed9dddc96b211bd936f22e4c8fe941babf37d6159178d29d490be69.exe

Resource

win10v2004-20221111-en

ramnit banker evasion spyware stealer trojan worm

windows10-2004-x64

18 signatures

150 seconds

General

Target

40afb21f6ed9dddc96b211bd936f22e4c8fe941babf37d6159178d29d490be69
Size

144KB
MD5

e15cd45dcd14d21ac2d27f3c431c93da
SHA1

989aa8b80d0d2a63dbe455a26c04373ab8ca76e9
SHA256

40afb21f6ed9dddc96b211bd936f22e4c8fe941babf37d6159178d29d490be69
SHA512

7442cf60b63a1747970ddb6db0ec6a56f305ce6df957608f9ea6d1df6fe692d72935c6d6439d2be46a45774be7e9ab6b15876bffe92cb53e2b60b2e001293231
SSDEEP

3072:VTlmPVcdgJs8HjfYv27XaaHw7Koj4rt0VY+Yw:VTMPVcdgnDfYe7X7w

Score

N/A

Malware Config

Signatures

Files

40afb21f6ed9dddc96b211bd936f22e4c8fe941babf37d6159178d29d490be69
.exe windows x86

977f74ad05a84dec1158a6588a55b9d0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
LoadLibraryA
GlobalCompact
GetBinaryTypeW
GetProfileStringW
GetProfileStringW

netapi32

NetUserGetInfo
NetUserGetInfo
NetApiBufferFree

ole32

CoInitializeEx
CoUninitialize
CoCreateInstance
OleUninitialize

setupapi

SetupCloseInfFile
SetupQueryFileLogA
SetupInitializeFileLogA
SetupCloseLog
SetupOpenLog
SetupRemoveFileLogEntryA
SetupGetFileCompressionInfoA
SetupGetInfFileListA
SetupScanFileQueueA
SetupInstallFilesFromInfSectionA
SetupOpenAppendInfFileA
SetupOpenFileQueue
SetupGetSourceFileLocationA
SetupGetSourceFileSizeA

Sections

.text
Size: - Virtual size: 136KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 71KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy