bded213b6ad8b501a9a8769498c06858[.]bin | Triage

Submit
Reports

Overview

overview

Static

static

1

4bc5ade40a...5b.exe

windows7-x64

4bc5ade40a...5b.exe

windows10-2004-x64

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

4bc5ade40ab56113ce9709c0da15416628e089e838864a6756ceca90b8ffaf5b.exe

Resource

win7-20230220-en

lucastealer persistence ransomware spyware stealer

windows7-x64

17 signatures

150 seconds

Behavioral task

behavioral2

Sample

4bc5ade40ab56113ce9709c0da15416628e089e838864a6756ceca90b8ffaf5b.exe

Resource

win10v2004-20230220-en

lucastealer evasion persistence ransomware spyware stealer

windows10-2004-x64

21 signatures

150 seconds

General

Target

bded213b6ad8b501a9a8769498c06858.bin
Size

4.1MB
MD5

2cf0dd0e1c3fa35e9de8e02696987cb9
SHA1

ce8c4f6c9ea8c13d62c2a843dcf9cd0b4066866f
SHA256

f37134e9d3f61052ce126082a31aea1c7e0b3fca9f2373e79c3b4a9d884aef9b
SHA512

1fb9c4a0f2666c9d4dfe5fbe85e6741f13b5756156609f3ed81b00f19de85957d36d125361f447166b697263e7196f32a7692c419d67754c40f22c1e916ef99b
SSDEEP

98304:WrxRPxxfOiW8g8PpgTmgv02ZtUXsIJIyf:YfnfOT8FPWTmgv0hXfyw

Score

1^/10

Malware Config

Signatures

Files

bded213b6ad8b501a9a8769498c06858.bin
.zip

Password: infected
4bc5ade40ab56113ce9709c0da15416628e089e838864a6756ceca90b8ffaf5b.exe
.exe windows x86

Password: infected

416340397d7047bee023a037eac754b2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

msvcrt

strlen
malloc
fopen
fwrite
fclose
memset
getenv
sprintf
__argc
__argv
_environ
_XcptFilter
__set_app_type
_controlfp
__getmainargs
exit

kernel32

CreateProcessA
CloseHandle
SetUnhandledExceptionFilter

iphlpapi

GetInterfaceInfo

psapi

GetMappedFileNameW

user32

GetWindow

advapi32

RegDeleteKeyA

shell32

SHGetFolderPathW

Sections

.text
Size: 4.6MB - Virtual size: 4.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 782KB - Virtual size: 784KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 149KB - Virtual size: 152KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy