privateloader | 1972-55-0x0000000000DF0000-0x0000000001787000-memory[.]dmp | Triage

Submit
Reports

Overview

overview

Static

static

1972-55-0x...ry.exe

windows7-x64

1972-55-0x...ry.exe

windows10-2004-x64

Sharing

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

1972-55-0x0000000000DF0000-0x0000000001787000-memory.exe

Resource

win7-20220812-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

1972-55-0x0000000000DF0000-0x0000000001787000-memory.exe

Resource

win10v2004-20220901-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

1972-55-0x0000000000DF0000-0x0000000001787000-memory.dmp
Size

9.6MB
MD5

e2b1234986fef2e1a67f84d14b8e644c
SHA1

ead3e9f8c4967c968883e972a7db16a8000f22cf
SHA256

00445aacda91a7473c59bbe2f13728daf6d5118d841f4d8dfe0043c78d4e1ee9
SHA512

f8de7e756d2df3e0dc03bb0ae51956e0b10ccb6b5e0133f2b4cab71bbf52aefae302159a825767a1ce3e004ada32dc63f60e03623e906f054311b62555545eec
SSDEEP

196608:kafyAXYRF6aItJ/+gDB7IXJW4y1sUe6R6us1SKkillX1+x4pVGhUMwN2aRijc:5KF6aSxDhGwcd6R6usQKzbXPNW

Score

10^/10

privateloader

Malware Config

Signatures

Privateloader family
privateloader

Files

1972-55-0x0000000000DF0000-0x0000000001787000-memory.dmp
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: - Virtual size: 2.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 168KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmp/=0
Size: - Virtual size: 2.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.vmp/=1
Size: 4.8MB - Virtual size: 4.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 114KB - Virtual size: 114KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy